PYSEC-2020-74

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

CVE-2020-29456

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

CVE-2020-12129

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...

CVE-2020-12129

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...

Cross site scripting

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...

CVE-2020-9461

Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter of the Media.CreateFolder command is vulnerable...

CVE-2020-1984

Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with ‘create folders or append data’ access to the root of the OS disk C: to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo f...

CVE-2018-18276

XSS exists in the ProFiles 1.5 component for Joomla! via the name or path parameter when creating a new folder in the administrative panel...

Cross site scripting

October CMS version prior to build 437 contains a Cross Site Scripting XSS vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. This attack appear to be exploitable...

FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow

Exploit for windows platform in category local exploits ++++++++++++++++++++++++ + Exploit Title: FTPShell Client Add New Folder Local Buffer Overflow + Date: 2/2/2016 +Exploit Author: Arash Khazaei + Vendor Homepage: www.ftpshell.com +Software Link: http://www.ftpshell.com/download.htm + Version...

iUSB 1.2 Arbitrary Code Execution

Document Title: =============== iUSB v1.2 iOS - Arbitrary Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1374 Release Date: ============= 2014-12-10 Vulnerability Laboratory ID VL-ID: ==================================== 137...

iUSB v1.2 iOS - Arbitrary Code Execution Vulnerability

Document Title: =============== iUSB v1.2 iOS - Arbitrary Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1374 Release Date: ============= 2014-12-10 Vulnerability Laboratory ID VL-ID: ==================================== 137...

File Manager 4.2.10 iOS - Code Execution Vulnerability

No description provided by source. Document Title: =============== File Manager v4.2.10 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1343 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID:...

File Manager v4.2.10 iOS - Code Execution Vulnerability

Document Title: =============== File Manager v4.2.10 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1343 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID: ==================================== 13...

Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking

Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows 7 Version : 3.3.3 Description: Get Simple CMS v 3.3.3 is susceptible to multiple vulnerabilities such as CSRF, Click-jacking, DOM base...

Sysax Multi Server 5.50 Create Folder BOF

No description provided by source. !/usr/bin/python Title: Sysax Multi Server 5.50 Create Folder BOF Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bitNo DEP Date Discovered: January 13, 2012 Vendor Contacted: January 15, 2012 Vendor Response: January 16, 2012 Vendor...

Sysax Multi-Server Create Folder Buffer Overflow (CVE-2012-6530)

A buffer overflow vulnerability had been reported in Sysax Multi Server 5.64 Create Folder. The vulnerability is due to insufficient boundary check when creating a new folder. A remote attacker can exploit this weakness by entering a very long folder name. Successful exploitation could result in...

CVE-2012-6530

Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request...

FCK 0day FCKeditor create a folder,Upload a file when"." Change"_"to break-vulnerability warning-the black bar safety net

A lot of times the uploaded file for example: shell.php.rar or shell.php;. jpg becomes shellphp;. jpg this is the new version of the FCK change, try to upload 1. asp;jpg Submitted shell.php+space to get around, but the spaces only support win system is nix is not supported, shell.php and...

Sysax Multi-Server 5.64 Create Folder Buffer Overflow

Sysax Multi-Server 5.64 Create Folder Buffer Overflow. Remote exploit for windows platform $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use...