映射到 CWE-639,CWE-22 的搜索结果 (1984)

CVE-2015-3297(发布:2017-07-07 12:29:00)NMC
CVSS5.0

[CNNVD]Etherpad Lite’utils/Minify.js‘目录遍历漏洞--Etherpad Lite是Etherpad基金会的一套开源的富文本在线协作软件。 Etherpad Lite中存在目录遍历漏洞。远程攻击者可借助目录遍历字符‘..’利用该漏洞访问或读取包含敏感信息的任意文件,或访问受限制目录外的文件,获取敏感信息。 ...

CVE-2017-10974(发布:2017-07-07 07:29:00)N
CVSS5.0

[原文]Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on this product.

CVE-2015-7780(发布:2017-06-27 16:29:00)NMS
CVSS4.0

[原文]Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0.

CVE-2017-9833(发布:2017-06-23 22:29:00)NMP
CVSS5.0

[原文]/cgi-bin/wapopen in BOA Webserver 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges.

CVE-2016-7825(发布:2017-06-09 12:29:01)NM
CVSS4.0

[原文]Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted commands.

CVE-2016-7826(发布:2017-06-09 12:29:01)NM
CVSS4.0

[原文]Directory traversal vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to read arbitrary files via specially crafted POST requests.

首页上一页345678910下一页尾页 第5页 / 共331页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站