映射到 CWE-639,CWE-22 的搜索结果 (2025)

CVE-2017-7693(发布:2017-08-26 00:29:00)NM
CVSS6.8

[原文]Directory traversal vulnerability in viewer_script.jsp in Riverbed OPNET App Response Xpert (ARX) version 9.6.1 allows remote authenticated users to inject arbitrary commands to read OS files.

CVE-2017-9640(发布:2017-08-25 15:29:00)NMPS
CVSS6.5

[原文]A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software.

CVE-2015-1395(发布:2017-08-25 14:29:00)NMCPS
CVSS7.8

[CNNVD]GNU patch 本地目录遍历漏洞--GNU patch是GNU项目的一部分,它是安装主题包时所要安装的基础补丁。 GNU patch中存在本地目录遍历漏洞,该漏洞源于程序没有充分过滤用户提交的输入。本地攻击者可利用该漏洞获取受影响系统中的任意文件内容的访问权限。

CVE-2015-4180(发布:2017-08-25 14:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this vulnerability exists due to an incomplete fix to CVE-2009-4050.

CVE-2015-4181(发布:2017-08-25 14:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this vulnerability exists due to an incomplete fix to CVE-2015-4180.

CVE-2015-8352(发布:2017-08-24 17:29:00)NMP
CVSS10.0

[原文]Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.

首页上一页345678910下一页尾页 第5页 / 共338页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站