|
257651
|
7.5 |
HIGH
Network
|
picard_project
|
picard
|
picard is a micro framework. picard is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16194
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257652
|
7.5 |
HIGH
Network
|
mfrs_project
|
mfrs
|
mfrs is a static file server. mfrs is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16193
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257653
|
7.5 |
HIGH
Network
|
getcityapi.yoehoehne_project
|
getcityapi.yoehoehne
|
getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16192
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257654
|
7.5 |
HIGH
Network
|
cypserver_project
|
cypserver
|
cypserver is a static file server. cypserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16191
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257655
|
7.5 |
HIGH
Network
|
dcdcdcdcdc_project
|
dcdcdcdcdc
|
dcdcdcdcdc is a static file server. dcdcdcdcdc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16190
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257656
|
7.5 |
HIGH
Network
|
sly07_project
|
sly07
|
sly07 is an API for censoring text. sly07 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16189
|
2024-11-21 12:16 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257657
|
9.8 |
CRITICAL
Network
|
tp-shop
|
tpshop
|
SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugi…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-16614
|
2024-11-21 12:16 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257658
|
7.8 |
HIGH
Local
|
hashicorp
|
vagrant_vmware_fusion
|
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available.
|
CWE-362
Race Condition
|
CVE-2017-16512
|
2024-11-21 12:16 |
2018-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257659
|
6.8 |
MEDIUM
Physics
|
meco
|
usb_memory_stick_with_fingerprint_firwmare
|
An issue was discovered on MECO USB Memory Stick with Fingerprint MECOZiolsamDE601 devices. The fingerprint authentication requirement for data access can be bypassed. An attacker with physical acces…
|
CWE-287
Improper Authentication
|
CVE-2017-16242
|
2024-11-21 12:16 |
2018-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257660
|
8.8 |
HIGH
Network
|
synology
|
photo_station
|
Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes vi…
|
CWE-20
Improper Input Validation
|
CVE-2017-16772
|
2024-11-21 12:16 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
