Количество 6
Количество 6
CVE-2013-6397
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
CVE-2013-6397
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
CVE-2013-6397
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
CVE-2013-6397
Directory traversal vulnerability in SolrResourceLoader in Apache Solr ...
GHSA-j8qw-mwmv-28cg
Improper Limitation of a Pathname to a Restricted Directory in Apache Solr
BDU:2015-04135
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность и доступность защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2013-6397 Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries. | CVSS2: 4.3 | 93% Критический | почти 12 лет назад |
 | CVE-2013-6397 Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries. | CVSS2: 6.4 | 93% Критический | почти 12 лет назад |
 | CVE-2013-6397 Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries. | CVSS2: 4.3 | 93% Критический | почти 12 лет назад |
| CVE-2013-6397 Directory traversal vulnerability in SolrResourceLoader in Apache Solr ... | CVSS2: 4.3 | 93% Критический | почти 12 лет назад |
| GHSA-j8qw-mwmv-28cg Improper Limitation of a Pathname to a Restricted Directory in Apache Solr | 93% Критический | больше 3 лет назад | |
 | BDU:2015-04135 Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность и доступность защищаемой информации | CVSS2: 6.4 | почти 12 лет назад |
Уязвимостей на страницу