10 matches found
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via improper validation of file paths in the Downloader integration. An attacker can access arbitrary files on the system by supplying crafted path traversal sequences. Details A Directory Traversal attack also known...
CVE-2024-43022
An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal...
CVE-2024-43022
TOSEI online store management system (versions v4.02–v4.04) contains a vulnerability in the downloader.php component that enables directory traversal. The issue, described in multiple sources (NVD, Red Hat, CVE lists, CNNVD), allows an attacker to read arbitrary files on the server. Root cause is...
PT-2024-30257 · Unknown · Tosei Online Store Management System
Name of the Vulnerable Software and Affected Versions: TOSEI online store management system versions v4.02 through v4.04 Description: An issue in the downloader.php component allows attackers to execute a directory traversal. Recommendations: For versions v4.02 through v4.04, consider disabling t...
NVIDIA GeForce Experience Downloader Component Input Validation Error Vulnerability
NVIDIA GeForce Experience is a set of automatic graphics card update tools from NVIDIA. NVIDIA GeForce Experience is a suite of automatic graphics card update tools from NVIDIA that automatically updates graphics card drivers and supports performance management and optimization of the graphics...
CVE-2019-5689
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or...
CVE-2019-5689
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability in the Downloader component in which a user with local system access can craft input that may allow malicious files to be downloaded and saved. This behavior may lead to code execution, denial of service, or...
Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered
A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware—dubbed...
PokerAgent botnet stole over 16,000 Facebook credentials
PokerAgent botnet was discovered in 2012 by ESET Security Research Lab, which is a Trojan horse designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats. According to latest report, the botnet i...
PokerAgent botnet stole over 16,000 Facebook credentials
PokerAgent botnet was discovered in 2012 by ESET Security Research Lab, which is a Trojan horse designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats. According to latest report, the botnet i...