Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subversion vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2013-4267
Ajaxeplorer prior to 5.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function ...
Pydio Pydio
8.5
CVSSv2
CVE-2007-6415
scponly 4.6 and previous versions allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.
Debian Debian Linux 3.1
Debian Debian Linux 4.0
5.4
CVSSv2
CVE-2019-0227
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor t...
Apache Axis 1.4
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
1 EDB exploit
2 Github repositories
NA
CVE-2023-22456
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions before 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a S...
Viewvc Viewvc
NA
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions before 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an malicious user to have commit privileges to a Subversion re...
Viewvc Viewvc
4.3
CVSSv2
CVE-2016-1236
Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent malicious users to inject arbitrary web script or HTML via the name of a (a) file or (b) directory in a repository.
Websvn Websvn
Debian Debian Linux 8.0
3.5
CVSSv2
CVE-2013-6892
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit.
Websvn Websvn 2.3.3
Debian Debian Linux 7.0
4.3
CVSSv2
CVE-2017-5938
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC prior to 1.0.14 and 1.1.x prior to 1.1.26 allows remote malicious users to inject arbitrary web script or HTML via the nav_data name.
Debian Debian Linux 8.0
Opensuse Leap 42.2
Opensuse Project Leap 42.1
Viewvc Viewvc
3.5
CVSSv2
CVE-2009-0240
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
Tigris Websvn 2.0
4.3
CVSSv2
CVE-2016-2511
Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the path parameter to log.php.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Websvn Websvn
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »