Lucene search
ApacheCVELIST:CVE-2018-1306HistoryJun 27, 2018 - 6:00 p.m.
CVE-2018-1306
2018-06-2718:00:00
apache
www.cve.org
4
The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.
CNA Affected
[
{
"product": "Apache Pluto",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "3.0.0"
}
]
}
]Related
exploitpack
exploitpack
Apache Portals Pluto 3.0.0 - Remote Code Execution
2018-09-13 00:00:00
packetstorm
packetstorm
Apache Portals Pluto 3.0.0 Remote Code Execution
2018-09-14 00:00:00
zdt
zdt
Apache Portals Pluto 3.0.0 - Remote Code Execution Exploit
2018-09-16 00:00:00
exploitdb
exploitdb
Apache Portals Pluto 3.0.0 - Remote Code Execution
2018-09-13 00:00:00
cve
cve
CVE-2018-1306
2018-06-27 18:29:00
osv
osv
Exposure of Sensitive Information in Apache Pluto
2022-05-14 01:29:43
prion
prion
Design/Logic Flaw
2018-06-27 18:29:00
nvd
nvd
CVE-2018-1306
2018-06-27 18:29:00
checkpoint_advisories
checkpoint_advisories
Apache Portals Pluto Remote Code Execution (CVE-2018-1306)
2018-09-16 00:00:00
veracode
veracode
Information Disclosure
2018-06-28 06:18:56
github
github
Exposure of Sensitive Information in Apache Pluto
2022-05-14 01:29:43