关键字 的搜索结果 (14250)

CVE-2015-4704(发布:2017-05-23 00:29:00)NMP
CVSS5.0

[原文]Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter to download.php.

CVE-2016-3403(发布:2017-05-17 10:29:00)NMPS
CVSS6.8

[原文]Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and perform referer header checks, aka bugs 100885 and 100899.

CVE-2015-8257(发布:2017-05-02 10:59:00)NMPS
CVSS9.0

[原文]The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.

CVE-2016-4313(发布:2017-04-24 14:59:00)NMPS
CVSS6.8

[原文]Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.

CVE-2015-8256(发布:2017-04-17 12:59:00)NMPS
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.

CVE-2016-0727(发布:2017-04-14 14:59:00)NMPS
CVSS7.2

[原文]The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

首页上一页12345678下一页尾页 第2页 / 共2375页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站