23 matches found
CVE-2025-13396
A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. This manipulation of the argument OfficeName causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public a...
CVE-2019-13396
FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in system_handle_form_submit in modules/system/system.module...
[SECURITY] [DLA 3606-1] freerdp2 security update
Debian LTS Advisory DLA-3606-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 07, 2023 https://wiki.debian.org/LTS Package : freerdp2 Version : 2.3.0+dfsg1-2+deb10u3 CVE ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11017 CVE-2020-110...
FreeRDP < 2.1.1 Multiple Vulnerabilities
FreeRDP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:freerdpproject:freerdp";...
NewStart CGSL MAIN 6.02 : freerdp Multiple Vulnerabilities (NS-SA-2021-0083)
The remote NewStart CGSL host, running version MAIN 6.02, has freerdp packages installed that are affected by multiple vulnerabilities: - In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated...
Oracle Linux 8 : freerdp / and / vinagre (ELSA-2020-4647)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4647 advisory. freerdp 2:2.1.1-1 - Update to 2.1.1 rhbz1834287. 2:2.0.0-47.rc4 - Fix SCARDINSUFFICIENTBUFFER error rhbz1803054 - Do not advertise /usb in help output...
ALSA-2020:4647 Moderate: freerdp and vinagre security, bug fix, and enhancement update
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop. Th...
Scientific Linux Security Update : freerdp on SL7.x x86_64 (20201001)
Security Fixes: - freerdp: Out of bound read in cliprdr_server_receive_capabilities (CVE-2020-11018) - freerdp: Out of bound read/write in usb redirection channel (CVE-2020-11039) - freerdp: out-of-bounds read in update_read_icon_info function (CVE-2020-11042) - freerdp: out-of-bounds read in...
freerdp, libwinpr security update
CentOS Errata and Security Advisory CESA-2020:4031 An update for freerdp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Huawei EulerOS: Security Advisory for freerdp (EulerOS-SA-2020-1848)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2356-1] freerdp security update
Debian LTS Advisory DLA-2356-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 30, 2020 https://wiki.debian.org/LTS Package : freerdp Version : 1.1.0git20140921.1.440916e+dfsg1-13+deb9u4 CVE ID : CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046...
CVE-2020-13396
creationtimestamp | type | source
---|---|---
2020-05-27 07:55:28+00:00 | seen | https://t.me/cibsecurity/12296...
[ASA-202005-16] freerdp: information disclosure
Arch Linux Security Advisory ASA-202005-16 ========================================== Severity: High Date : 2020-05-23 CVE-ID : CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 Package : freerdp Type : information disclosure Remote : No Link : https://security.archlinux.org/AVG-1172 Summary ======= T...
DEBIAN-CVE-2020-13396
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c...
UBUNTU-CVE-2020-13396
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c...
CVE-2020-13396
Summary: CVE-2020-13396 affects FreeRDP prior to version 2.1.2 and involves an out-of-bounds read in ntlm_read_ChallengeMessage (winpr/libwinpr/sspi/NTLM/ntlm_message.c). This is a memory-read vulnerability with potential impact to confidentiality as described in the connected advisories. Consequ...
FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: FlightPath 4.8.2 & 5.0-rc2 - Local File Inclusion Exploit Author: Mohammed Althibyani Vendor Homepage: http://getflightpath.com Software Link: http://getflightpath.com/project/9/releases Version: 4.8.2 & 5.0-rc2 Tested on: Kali...
FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion
Exploit Title: FlightPath 4.8.2 & 5.0-rc2 - Local File Inclusion Date: 07-07-2019 Exploit Author: Mohammed Althibyani Vendor Homepage: http://getflightpath.com Software Link: http://getflightpath.com/project/9/releases Version: 4.8.2 & 5.0-rc2 Tested on: Kali Linux CVE : CVE-2019-13396 Parameters...
FlightPath 4.8.2 5.0-rc2 - Local File Inclusion
FlightPath 4.8.2 5.0-rc2 - Local File Inclusion Exploit Title: FlightPath 4.8.2 & 5.0-rc2 - Local File Inclusion Date: 07-07-2019 Exploit Author: Mohammed Althibyani Vendor Homepage: http://getflightpath.com Software Link: http://getflightpath.com/project/9/releases Version: 4.8.2 & 5.0-rc2 Teste...
CVE-2019-13396
FlightPath is affected by CVE-2019-13396: versions prior to 4.8.2 and 5.0-rc2 contain a Local File Inclusion vulnerability caused by include_once in system_handle_form_submit, enabling directory traversal via the form_include parameter in index.php?q=system-handle-form-submit. Impact cited includ...