31 matches found
Cross site scripting
Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting XSS in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane of a file stored in a Workspace. This issue has...
CVE-2017-5241
Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting XSS in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane of a file stored in a Workspace. This issue has...
CVE-2017-5241
Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting XSS in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane of a file stored in a Workspace. This issue has...
MS13-081: Description of the security update for USB drivers: October 8, 2013
MS13-081: Description of the security update for USB drivers: October 8, 2013 INTRODUCTION Microsoft has released security bulletin MS13-081. To view the complete security bulletin, go to one of the following Microsoft websites: Home users:...
CVE-2014-8761
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call...
Code injection
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call...
CVE-2014-8761
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call...
CVE-2014-8761
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call...
CVE-2014-8761
CVE-2014-8761 affects DokuWiki: inc/template.php allowed access to root namespace, enabling remote access to arbitrary images via the media file details AJAX call. Connected advisories (Mageia MGASA-2014-0438; Mandriva MDVSA-2015:185; Debian DSA-3059-1; OSV entries) confirm multiple vendors relea...
CVE-2014-8761
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call...
WordPress timthumb. php remote file storage vulnerability analysis-vulnerability warning-the black bar safety net
Source:http://xuser. org/read. php? 1 8 作者 :xuser@fsafe Today on Twitter, see the About wordpress appeared vulnerability, then hastened to open the relevant page of the analysis of specific causes found to be timthumb. php remote storage file when the validation is insufficient and the resulting...