Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
archiver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-35057
A security issue has been found in HyperKitty before version 1.3.5, where the secret archiver key is vulnerable to timing attacks. This is only exploitable if you can send a request from a approved IP listed in MAILMAN_ARCHIVER_FROM.
NA
CVE-2021-35058
A security issue has been found in HyperKitty before version 1.3.5. The secret archiver key is passed as a GET query parameter and can therefore be leaked into the HTTP server logs.
5
CVSSv2
CVE-2020-7506
A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an malicious user to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure.
Schneider-electric Easergy T300 Firmware
5.8
CVSSv2
CVE-2019-10743
All versions of archiver allow malicious user to perform a Zip Slip attack via the "unarchive" functions. It is exploited using a specially crafted zip archive, that holds path traversal filenames. When exploited, a filename in a malicious archive is concatenated to the...
Archiver Project Archiver
4.3
CVSSv2
CVE-2019-10685
A Reflected Cross Site Scripting (XSS) Vulnerability exists in Heidelberg Prinect Archiver v2013 release 1.0.
Heidelberg Prinect Archiver 2013
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2018-20369
Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. The injection point of the issue is the Add_Update module.
Barracuda Message Archiver 2018
7.2
CVSSv2
CVE-2016-10729
An issue exists in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command inje...
Zmanda Amanda 3.3.1
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
7.2
CVSSv2
CVE-2016-10730
An issue exists in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when ...
Zmanda Amanda 3.3.1
Redhat Enterprise Linux 7.0
4.3
CVSSv2
CVE-2018-1002207
mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing malicious users to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also ...
Archiver Project Archiver
7.5
CVSSv2
CVE-2018-5377
Discuz! DiscuzX X3.4 allows remote malicious users to bypass intended access restrictions via the archiver\index.php action parameter.
Discuz Discuzx X3.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »