映射到 CWE-639,CWE-22 的搜索结果 (1984)

CVE-2017-11389(发布:2017-08-02 17:29:00)N
CVSS7.5

[原文]Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684.

CVE-2017-11723(发布:2017-07-29 01:29:00)N
CVSS5.0

[原文]Directory traversal vulnerability in plugins/ImageManager/backend.php in Xinha 0.96, as used in Jojo 4.4.0, allows remote attackers to delete any folder via directory traversal sequences in the deld parameter.

CVE-2017-11658(发布:2017-07-26 11:29:00)N
CVSS5.0

[原文]In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters (..) -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack.

CVE-2017-11630(发布:2017-07-26 04:29:00)N
CVSS5.0

[原文]dapur\apps\app_config\controller\backuper.php in Fiyo CMS 2.0.7 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter in a type=database request, a different vulnerability than CVE-2017-8853.

CVE-2015-1847(发布:2017-07-24 21:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. (dot dot) in a crafted URL.

CVE-2017-11587(发布:2017-07-23 20:29:00)N
CVSS5.0

[原文]On Cisco DDR2200 ADSL2+ Residential Gateway DDR2200B-NA-AnnexA-FCC-V00.00.03.45.4E and DDR2201v1 ADSL2+ Residential Gateway DDR2201v1-NA-AnnexA-FCC-V00.00.03.28.3 devices, there is directory traversal in the filename parameter to the /download.conf URI.

首页上一页12345678下一页尾页 第2页 / 共331页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站