directory server vulnerabilities and exploits
NA
CVE-2024-22415
jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control (on the operating sy...
Jupyter Language Server Protocol Integration
NA
CVE-2023-40051
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 before 11.7.18, 12.2 before 12.2.13, and innovation releases before 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on...
Progress Openedge
Progress Openedge Innovation
NA
CVE-2023-4757
The Staff / Employee Business Directory for Active Directory WordPress plugin prior to 1.2.3 does not sanitize and escape data returned from the LDAP server before rendering it in the page, allowing users who can control their entries in the LDAP directory to inject malicious jav...
Miniorange Staff / Employee Business Directory For Active Directory
NA
CVE-2023-22527
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated malicious user to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence ...
Atlassian Confluence Data Center
Atlassian Confluence Server
1 Metasploit module
27 Github repositories
2 Articles
NA
CVE-2023-6457
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files. This issue affects Hitachi Tuning Manager: prior to 8.8.5-04.
Hitachi Tuning Manager
NA
CVE-2023-48166
A directory traversal vulnerability in the SOAP Server integrated in Atos Unify OpenScape Voice V10 before V10R3.26.1 allows a remote malicious user to view the contents of arbitrary files in the local file system. An unauthenticated attacker might obtain sensitive files that all...
Unify Openscape Voice 10.0
NA
CVE-2023-5504
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated malicious users to store backups in arbitrary folders on the server provided they can be written to by the server. Add...
Inpsyde Backwpup
1 Github repository
NA
CVE-2023-6583
The Import and export users and customers plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.24.2 via the Recurring Import functionality. This makes it possible for authenticated attackers, with administrator access and above, to rea...
Codection Import And Export Users And Customers
NA
CVE-2023-6699
The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated malicious users to read the contents of arbitrary files o...
Wpcompress Wp Compress
NA
CVE-2023-29050
The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow access to content outside of the intended hierarchy. Unauthorized users could break confidentiality of information in the directory and potentially cause h...
Open-xchange Ox App Suite 7.10.6
Open-xchange Ox App Suite
Open-xchange Ox App Suite 8.16