37 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A vulnerability, which was classified as problematic, was found in SiteFusion Application Server up to 6.6.6. This affects an unknown part of the file getextension.php of the component Extension Handler. The manipulation leads to path traversal. Upgrading to version 6.6.7 is able to address this issue. The identifier of the patch is 49fff155c303d6cd06ce8f97bba56c9084bf08ac. • https://github.com/sitefusion/server/commit/49fff155c303d6cd06ce8f97bba56c9084bf08ac https://github.com/sitefusion/server/pull/67 https://github.com/sitefusion/server/releases/tag/v6.6.7 https://vuldb.com/?ctiid.219765 https://vuldb.com/?id.219765 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1 y 10.1.3.3.3 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-0990. • http://osvdb.org/53742 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3 y 10.1.3.4 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-1017. • http://osvdb.org/53744 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1 y 10.1.3.3.3 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-0989. • http://osvdb.org/53743 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994. Vulnerabilidad no especificada en el componente BI Publisher en Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3 y 10.1.3.4 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-0994. • http://osvdb.org/53746 http://secunia.com/advisories/34693 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •