2 matches found
CVE-2017-17793
BlogoText 3.7.6 and earlier: information-disclosure vulnerability in admin/maintenance.php at creer_fichier_zip. An attacker can defeat the filename-randomization protection by supplying archiv~1.zip (8.3 filename) and read backup archives on Windows servers. Root cause is a flaw in the randomiza...
[CORE-2010-0121] Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers 1. Advisory Information Title: Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Serve...