38 matches found
EUVD-2017-17774
Malware in sbrugna...
EUVD-2017-18185
Malware in sbrugna...
EUVD-2017-18030
Malware in sbrugna...
EUVD-2017-18029
Malware in sbrugna...
EUVD-2017-17790
Malware in sbrugna...
CVE-2017-9091
/admin/loginc.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code']) == 1, which leads to CAPTCHA bypass by emptying $_POST['captcha']...
CVE-2017-9090
reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code'])==1, which makes it possible to bypass the CAPTCHA via an empty $_POST['captcha']...
CVE-2017-8848
Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password...
Allen Disk Cross-Site Request Forgery Vulnerability (CNVD-2017-11653)
Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A cross-site request forgery vulnerability exists in the remotedownload.php file in Allen Disk version 1.6. A remote attacker can exploit this vulnerability...
Allen Disk Cross-Site Scripting Vulnerability
Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A cross-site scripting vulnerability exists in Allen Disk version 1.6. A remote attacker can inject arbitrary web script or HTML by uploading a specially...
CVE-2017-9307
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to conduct port scans and access intranet servers via a crafted file parameter...
CVE-2017-9307
The CVE-2017-9307 entry concerns a known SSRF issue in Allen Disk 1.6, specifically in remotedownload.php, where a crafted file parameter can be used by remote authenticated users to perform port scans and reach internal network services. The related connected documents corroborate that remotedow...
CVE-2017-9249
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php...
CVE-2017-9249
The CVE-2017-9249 entry describes a Cross-Site Scripting (XSS) vulnerability in Allen Disk 1.6. The issue enables remote authenticated users to persistently inject arbitrary web script or HTML by uploading a crafted HTML file, with the attack vector being the contents of that file and the filenam...
Allen Disk Security Bypass Vulnerability
Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A security bypass vulnerability exists in the reg.php file in Allen Disk version 1.6. An attacker can exploit this vulnerability to bypass CAPTCHA with the...