CVE-2024-23897.zip
3.2 KB
CVE-2024-23897
Author: wvverez
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
GitHub Link:
https://github.com/wvverez/CVE-2024-23897
Author: wvverez
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
GitHub Link:
https://github.com/wvverez/CVE-2024-23897
CVE-2015-3306.zip
470.8 KB
CVE-2015-3306
Author: canpilayda
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
GitHub Link:
https://github.com/canpilayda/proftpd-modcopy-cve-2015-3306
Author: canpilayda
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
GitHub Link:
https://github.com/canpilayda/proftpd-modcopy-cve-2015-3306
CVE-2026-22812
Author: barrersoftware
None
GitHub Link:
https://github.com/barrersoftware/opencode-secure
Author: barrersoftware
None
GitHub Link:
https://github.com/barrersoftware/opencode-secure