映射到 CWE-639,CWE-22 的搜索结果 (2035)

CVE-2017-3163(发布:2017-08-30 10:29:00)NM
CVSS5.0

[原文]When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.

CVE-2017-2258(发布:2017-08-28 21:35:13)NM
CVSS4.0

[原文]Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".

CVE-2014-8163(发布:2017-08-28 15:29:00)NM
CVSS5.5

[原文]Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.

CVE-2015-1198(发布:2017-08-28 11:29:01)NMC
CVSS5.0

[CNNVD]ha 目录遍历漏洞--ha是软件开发者Mikhail Gusarov所研发的一套使用HSC压缩算法的压缩软件。 ha中存在目录遍历漏洞。远程攻击者可通过发送带有目录遍历序列‘..’的请求利用该漏洞读取应用程序上下文中的任意文件。

CVE-2015-1199(发布:2017-08-28 11:29:01)NM
CVSS5.0

[原文]Directory traversal vulnerability in ppmd 10.1-5.

CVE-2015-1386(发布:2017-08-28 11:29:01)NM
CVSS5.0

[原文]Directory traversal vulnerability in unshield 1.0-1.

首页上一页345678910下一页尾页 第5页 / 共340页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站