Description

Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.

Remediation

References

CVE-2017-1000029

Related Vulnerabilities

PleskWin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-0132)

EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14550)

XWiki Files or Directories Accessible to External Parties Vulnerability (CVE-2022-23621)

WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.101)

Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14)

Severity

High

Classification

CVE-2017-1000029 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities