映射到 CWE-639,CWE-22 的搜索结果 (2131)

CVE-2018-1204(发布:2018-03-26 14:29:01)NMP
CVSS7.2

[原文]Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary code with root privileges.

CVE-2018-9010(发布:2018-03-25 14:29:00)NM
CVSS5.0

[原文]Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password.

CVE-2018-7719(发布:2018-03-25 12:29:00)NMP
CVSS5.0

[原文]Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.

CVE-2018-8965(发布:2018-03-24 14:29:00)NM
CVSS6.4

[原文]An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

CVE-2018-8968(发布:2018-03-24 14:29:00)NM
CVSS6.4

[原文]An issue was discovered in zzcms 8.2. user/manage.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

CVE-2018-8969(发布:2018-03-24 14:29:00)NM
CVSS6.4

[原文]An issue was discovered in zzcms 8.2. user/licence_save.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.

首页上一页56789101112下一页尾页 第7页 / 共356页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站