Filtered by vendor Avalanche123
Subscriptions
Filtered by product Cassandra Web
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36939 | 1 Avalanche123 | 1 Cassandra Web | 2026-01-28 | 7.5 High |
| Cassandra Web 0.5.0 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating path traversal parameters. Attackers can exploit the disabled Rack::Protection module to read sensitive system files like /etc/passwd and retrieve Apache Cassandra database credentials. | ||||
Page 1 of 1.