Lucene search
K

5638 matches found

Exploit DB
Exploit DB
added 2002/08/23 12:0 a.m.21 views

Microsoft Internet Explorer 5/6 - XML Redirect File Disclosure

source: https://www.securityfocus.com/bid/5560/info A flaw in Microsoft Internet Explorer may reveal the entire contents of XML files and partial contents of other files to attackers. This vulnerability allows an attacker to read the entire contents of XML files, and fragments of other files,...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.17 views

Ilia Alshanetsky FUDForum 1.2.81.9.82.0.2 - File Disclosure

Ilia Alshanetsky FUDForum 1.2.81.9.82.0.2 - File Disclosure source: https://www.securityfocus.com/bid/5501/info Reportedly, FUDForum may disclose contents of arbitrary files to attackers. The vulnerability is the result of FUDForum failing to check the path of the file that is being requested. By...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/19 12:0 a.m.30 views

Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 - File Disclosure

source: https://www.securityfocus.com/bid/5501/info Reportedly, FUDForum may disclose contents of arbitrary files to attackers. The vulnerability is the result of FUDForum failing to check the path of the file that is being requested. By simply making malicious requests via URI parameters, an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/17 12:0 a.m.7 views

Microsoft Internet Explorer 456 - XML Datasource Applet File Disclosure

Microsoft Internet Explorer 456 - XML Datasource Applet File Disclosure source: https://www.securityfocus.com/bid/5490/info A problem in Microsoft Internet Explorer could lead to the disclosure of sensitive information. Due to the design of the datasource applet, it may be possible for a user to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/17 12:0 a.m.42 views

Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure

source: https://www.securityfocus.com/bid/5490/info A problem in Microsoft Internet Explorer could lead to the disclosure of sensitive information. Due to the design of the datasource applet, it may be possible for a user to view the contents of local files via a remote page. By building a...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/08/14 12:0 a.m.198 views

Trend Micro OfficeScan ofcscan.ini Configuration File Disclosure

The remote Trend Micro OfficeScan Corporate Edition Japanese version: Virus Buster Corporate Edition web-based management console allows unauthenticated access to files under '/officescan/hotdownload'. Reading the configuration file 'ofcscan.ini' under that location will reveal information about...

5CVSS5.8AI score0.02414EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/07/31 12:0 a.m.30 views

[ADVISORY]: Arbitrary file disclosure vulnerability in Sympoll 1.2

Sympoll is a customizable voting booth system written in PHP. A missing variable integrity check allows arbitrary files to be viewed on a web server that hosts Sympoll version 1.2. Hosts that have disabled the registerglobals directive in their php.ini file are not at risk. This vulnerability was...

1.9AI score
Exploits0
exploitpack
exploitpack
added 2002/07/23 12:0 a.m.18 views

Opera 6.0.1 Microsoft Internet Explorer 56 - JavaScript Modifier Keypress Event Subversion

Opera 6.0.1 Microsoft Internet Explorer 56 - JavaScript Modifier Keypress Event Subversion source: https://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/23 12:0 a.m.25 views

Opera 6.0.1 / Microsoft Internet Explorer 5/6 - JavaScript Modifier Keypress Event Subversion

source: https://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious JavaScript may subvert some keypress events, with consequences including the disclosure of arbitra...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/07/13 12:0 a.m.63 views

Three BadBlue Vulnerabilities

Advisory: Working Resources BadBlue Multiple Vulnerabilities Issue: Three vulnerabilities; a denial of service, an insecurity in password storage, and a file disclosure vulnerability that could allow viewing of the password file. Risk: Critical SecurityFocus: "Working Resources BadBlue Invalid Ge...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2002/07/09 12:0 a.m.20 views

iPlanet Web Server 4.1 - Search Component File Disclosure

iPlanet Web Server 4.1 - Search Component File Disclosure source: https://www.securityfocus.com/bid/5191/info The iPlanet Web Server search engine is prone to a file disclosure vulnerability. It is possible for remote attackers to make requests to the search engine which will cause arbitrary...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/09 12:0 a.m.31 views

iPlanet Web Server 4.1 - Search Component File Disclosure

source: https://www.securityfocus.com/bid/5191/info The iPlanet Web Server search engine is prone to a file disclosure vulnerability. It is possible for remote attackers to make requests to the search engine which will cause arbitrary readable files on the host running the vulnerable software to ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/06/17 12:0 a.m.20 views

Wolfram Research webMathematica 4.0 - File Disclosure

Wolfram Research webMathematica 4.0 - File Disclosure source: https://www.securityfocus.com/bid/5035/info Wolfram Research's webMathematica is a Java based product which allows the inclusion of Mathematica content in a web environment. It includes CGI programs which generate image content based o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/17 12:0 a.m.34 views

Wolfram Research webMathematica 4.0 - File Disclosure

source: https://www.securityfocus.com/bid/5035/info Wolfram Research's webMathematica is a Java based product which allows the inclusion of Mathematica content in a web environment. It includes CGI programs which generate image content based on user supplied input. A file disclosure vulnerability...

7AI score
Exploits0
exploitpack
exploitpack
added 2002/06/15 12:0 a.m.15 views

My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure

My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure source: https://www.securityfocus.com/bid/5029/info My Postcards is a commercial available eletronic postcard system. It is available for Unix and Linux Operating Systems. The magiccard.cgi script does not properly handle some types of...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/15 12:0 a.m.29 views

My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/5029/info My Postcards is a commercial available eletronic postcard system. It is available for Unix and Linux Operating Systems. The magiccard.cgi script does not properly handle some types of input. As a result, it may be possible for a remote user to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/06/13 12:0 a.m.13 views

Working Resources 1.7.3 BadBlue - Null Byte File Disclosure

Working Resources 1.7.3 BadBlue - Null Byte File Disclosure source: https://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/06/13 12:0 a.m.26 views

Working Resources 1.7.3 BadBlue - Null Byte File Disclosure

source: https://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a BadBlue server containing a null byte at the end of a file nam...

7AI score
Exploits0
CVE
CVE
added 2002/06/11 4:0 a.m.40 views

CVE-2002-0410

CVE-2002-0410 (AeroMail) affects AeroMail before 1.45. The vulnerability is in send_message.php, allowing remote attackers to read arbitrary server files instead of only uploaded ones by crafting the attachment filename during upload. This is caused by improper handling of file path/filename duri...

5CVSS7.1AI score0.02759EPSS
Exploits1References5Affected Software1
exploitpack
exploitpack
added 2002/06/08 12:0 a.m.7 views

Seanox DevWex Windows Binary 1.2002.520 - File Disclosure

Seanox DevWex Windows Binary 1.2002.520 - File Disclosure source: https://www.securityfocus.com/bid/4978/info The Seanox DevWex Windows binary version is prone to an issue which may cause arbitrary web-readable files to be disclosed to remote attackers. This problem occurs because DevWex does not...

7.4AI score
Exploits0
Rows per page
Query Builder