150 matches found
Skype v8.x - History Export v7 Web Vulnerability
Document Title: =============== Skype v8.x - History Export v7 Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2187 Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2019/08/11/skype MSRC: VULN-007910 Release Date:...
CVE-2019-17294
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user...
Sql injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user...
CVE-2019-17294
CVE-2019-17294 – SugarCRM export SQL injection is reported in SugarCRM before 8.0.4 and 9.x before 9.0.2. The issue arises in the export function, where a Regular user can exploit insufficient input validation to inject SQL. The cited sources consistently describe an authenticated, regular-user p...
CVE-2019-17294
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user...
LiveZilla Server CSV Injection Vulnerability
LiveZilla is a free online customer service system, based on PHP architecture, can run on Linux hosts or windows hosts, mainly divided into the client, server and server side LiveZilla Server. LiveZilla Server 8.0.1.1 before the version of the export function exists CSV injection vulnerability, a...
CVE-2019-12961
LiveZilla Server before 8.0.1.1 is vulnerable to CSV Injection in the Export Function...
Input validation
LiveZilla Server before 8.0.1.1 is vulnerable to CSV Injection in the Export Function...
CVE-2019-12961
LiveZilla Server before 8.0.1.1 is vulnerable to CSV Injection in the Export Function...
Path traversal
A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via...
CVE-2019-7387
A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via...
WebDAV Server Serving DLL
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Serve DLL via webdav server', 'Description' = %q This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module...
Serve DLL via webdav server
This module simplifies the rundll32.exe Application Whitelisting Bypass technique. The module creates a webdav server that hosts a dll file. When the user types the provided rundll32 command on a system, rundll32 will load the dll remotly and execute the provided export function. The export...
CVE-2017-5381
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox 51...
CVE-2017-5381
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox 51...
CVE-2017-5381
CVE-2017-5381 affects Firefox
CVE-2017-5381
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox 51...
CVE-2018-9841
The export function in libavfilter/vfsignature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a long filename...
UBUNTU-CVE-2018-9841
The export function in libavfilter/vfsignature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a long filename...
CVE-2018-9841
CVE-2018-9841 affects FFmpeg up to 3.4.2; the export function in libavfilter/vf_signature.c can be triggered by a long filename to cause a denial of service via out-of-bounds access (unspecified other impact). Public references (NVD, CNVD, OSV, Gentoo GLSA) confirm FFmpeg involvement and 3.4.2 li...