映射到 CWE-639,CWE-22 的搜索结果 (2101)

CVE-2018-0525(发布:2018-03-09 11:29:00)NM
CVSS5.0

[原文]Directory traversal vulnerability in Jubatus 1.0.2 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2018-6810(发布:2018-03-06 15:29:01)NM
CVSS5.0

[原文]Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.

CVE-2018-1316(发布:2018-03-05 09:29:00)NM
CVSS6.4

[原文]The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was addressed in Apache ODE 1.3.3 which was released in 2009, however the incorrect name CVE-2008-2370 was used on the advisory by mistake.

CVE-2018-7654(发布:2018-03-03 20:29:00)NM
CVSS4.0

[原文]On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal.

CVE-2018-7586(发布:2018-03-01 17:29:00)NM
CVSS5.0

[原文]In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured.

CVE-2018-2367(发布:2018-03-01 12:29:00)NMS
CVSS6.5

[原文]ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.

首页上一页345678910下一页尾页 第5页 / 共351页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站