Show filters
767 Total Results
Displaying 21-30 of 767
Sort by:
Attacker Value
Unknown
CVE-2024-47916
Disclosure Date: November 14, 2024 (last updated November 14, 2024)
Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
0
Attacker Value
Unknown
CVE-2024-22029
Disclosure Date: October 16, 2024 (last updated October 17, 2024)
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
0
Attacker Value
Unknown
CVE-2022-4974
Disclosure Date: October 16, 2024 (last updated October 16, 2024)
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
0
Attacker Value
Unknown
CVE-2024-8232
Disclosure Date: September 10, 2024 (last updated September 11, 2024)
SpiderControl SCADA Web Server has a vulnerability that could allow an
attacker to upload specially crafted malicious files without
authentication.
0
Attacker Value
Unknown
CVE-2024-6456
Disclosure Date: August 15, 2024 (last updated August 16, 2024)
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.
0
Attacker Value
Unknown
CVE-2024-33005
Disclosure Date: August 13, 2024 (last updated September 13, 2024)
Due to the missing authorization checks in the
local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application
Server (ABAP and Java), and SAP Content Server can impersonate other users and
may perform some unintended actions. This could lead to a low impact on
confidentiality and a high impact on the integrity and availability of the
applications.
0
Attacker Value
Unknown
CVE-2024-5434
Disclosure Date: May 28, 2024 (last updated May 29, 2024)
The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within that file are stored in a weakly encoded format. There is no known way to remotely access the file unless it has been manually renamed. However, if an attacker were to gain access to the file, passwords could be decoded and reused to gain access.
0
Attacker Value
Unknown
CVE-2024-5433
Disclosure Date: May 28, 2024 (last updated May 29, 2024)
The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated access (allowed by default) by an attacker to files and directories outside of the webserver root directory they should be restricted to.
0
Attacker Value
Unknown
CVE-2024-5193
Disclosure Date: May 22, 2024 (last updated May 22, 2024)
A vulnerability was found in Ritlabs TinyWeb Server 1.94. It has been classified as problematic. Affected is an unknown function of the component Request Handler. The manipulation with the input %0D%0A leads to crlf injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-265830 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2024-32966
Disclosure Date: May 01, 2024 (last updated May 01, 2024)
Static Web Server (SWS) is a tiny and fast production-ready web server suitable to serve static web files or assets. In affected versions if directory listings are enabled for a directory that an untrusted user has upload privileges for, a malicious file name like `<img src=x onerror=alert(1)>.txt` will allow JavaScript code execution in the context of the web server’s domain. SWS generally does not perform escaping of HTML entities on any values inserted in the directory listing. At the very least `file_name` and `current_path` could contain malicious data however. `file_uri` could also be malicious but the relevant scenarios seem to be all caught by hyper. For any web server that allow users to upload files or create directories under a name of their choosing this becomes a stored Cross-site Scripting vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability.
0