Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
filr vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands....
Novell Filr
1 EDB exploit available
7.2
CVSSv2
CVE-2019-3475
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6....
Microfocus Filr 3.0
1 EDB exploit available
4
CVSSv2
CVE-2019-3474
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6....
Microfocus Filr 3.0
1 EDB exploit available
3.5
CVSSv2
CVE-2016-1609
Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in...
Novell Filr
1 EDB exploit available
6.5
CVSSv2
CVE-2016-1607
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time...
Novell Filr
1 EDB exploit available
9
CVSSv2
CVE-2016-1608
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter....
Novell Filr
1 EDB exploit available
4.3
CVSSv2
CVE-2015-5968
Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL....
Novell Filr
5
CVSSv2
CVE-2016-1610
Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name....
Novell Filr
1 EDB exploit available
4
CVSSv2
CVE-2020-25838
Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. Affecting all 3.x and 4.x versions. The vulnerability could be exploited to disclose unauthorized sensitive information....
Microfocus Filr
3.5
CVSSv2
CVE-2020-25832
Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack....
Microfocus Filr 4.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary code
CVE-2021-21259
CVE-2021-3115
hard-coded
CVE-2021-1140
CVE-2020-11150
CVE-2019-8791
physical
CVE-2020-11215
Vulmon