映射到 CWE-639,CWE-22 的搜索结果 (2035)

CVE-2017-8805(发布:2017-10-17 14:29:00)NM
CVSS6.4

[原文]Debian ftpsync before 20171017 does not use the rsync --safe-links option, which allows remote attackers to conduct directory traversal attacks via a crafted upstream mirror.

CVE-2017-9367(发布:2017-10-16 17:29:00)NM
CVSS6.8

[原文]A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.

CVE-2014-3702(发布:2017-10-16 11:29:00)NM
CVSS6.4

[原文]Directory traversal vulnerability in eNovance eDeploy allows remote attackers to create arbitrary directories and files and consequently cause a denial of service (resource consumption) via a .. (dot dot) the session parameter.

CVE-2015-2856(发布:2017-10-10 09:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie.

CVE-2015-1429(发布:2017-10-06 18:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0.3 32-bit and 64-bit allows remote attackers to download arbitrary files via a .. (dot dot) in an unspecified parameter.

CVE-2017-1577(发布:2017-09-27 21:29:02)NMS
CVSS5.0

[原文]IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 132117.

首页上一页12345678下一页尾页 第3页 / 共340页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站