映射到 CWE-639,CWE-22 的搜索结果 (2025)

CVE-2015-4085(发布:2017-09-07 16:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1.

CVE-2014-8676(发布:2017-08-31 18:29:00)NMCP
CVSS5.0

[CNNVD]SO Planning 路径遍历漏洞--SO Planning是一套免费且开源的在线项目生产和管理工具。 SO Planning 1.32及之前版本中存在路径遍历漏洞。攻击者可利用该漏洞检测任意远程文件。

CVE-2017-3163(发布:2017-08-30 10:29:00)NM
CVSS5.0

[原文]When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.

CVE-2017-2258(发布:2017-08-28 21:35:13)NM
CVSS4.0

[原文]Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".

CVE-2014-8163(发布:2017-08-28 15:29:00)NM
CVSS5.5

[原文]Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.

CVE-2015-1198(发布:2017-08-28 11:29:01)NMC
CVSS5.0

[CNNVD]ha 目录遍历漏洞--ha是软件开发者Mikhail Gusarov所研发的一套使用HSC压缩算法的压缩软件。 ha中存在目录遍历漏洞。远程攻击者可通过发送带有目录遍历序列‘..’的请求利用该漏洞读取应用程序上下文中的任意文件。

首页上一页12345678下一页尾页 第3页 / 共338页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站