Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell filr vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2016-1608
vaconfig/time in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.
Novell Filr
1 EDB exploit
7.2
CVSSv2
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
Novell Filr
1 EDB exploit
6.5
CVSSv2
CVE-2016-1607
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr prior to 2.0 Security Update 2 allow remote malicious users to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time...
Novell Filr
1 EDB exploit
5
CVSSv2
CVE-2016-1610
Directory traversal vulnerability in the email-template feature in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote malicious users to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name.
Novell Filr
1 EDB exploit
4.3
CVSSv2
CVE-2015-5968
Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Novell Filr
3.5
CVSSv2
CVE-2016-1609
Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element i...
Novell Filr
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started