70 matches found
CVE-2014-3877
CVE-2014-3877 affects Frams"e; Fast File EXchange (F*EX, fex) prior to fex-20140530. The issue is an incomplete blacklist that allows remote XSS via the addto parameter to fup. Connected advisories confirm multiple vendors/publications (e.g., Debian DLA-68-1) documenting fex exposure and release ...
CVE-2014-3876
Multiple cross-site scripting XSS vulnerabilities in Frams' Fast File EXchange FEX, aka fex before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the 1 akey parameter to rup or 2 disclaimer or 3 gm parameter to fuc...
LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts GmbH - Security Advisory 2014-05-22 === FEX Frams' Fast File EXchange - Multiple Issues - - --------------------------------------------------------------------- Affected Versions ================= FEX Frams' Fast File...
CVE-2012-1293
Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...
CVE-2012-0869
Cross-site scripting XSS vulnerability in fup in Frams' Fast File EXchange FEX, aka fex before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2012-1293
Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...
DEBIAN-CVE-2012-1293
Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...
CVE-2012-1293
Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...
CVE-2012-0869
CVE-2012-0869 concerns FEX (Frams’ Fast File Exchange) via the vulnerable fup script. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable through the id parameter, due to insufficient input sanitization. Affected product: F EX’s web service (fex) and its fup component, prior to 20...
CVE-2012-0869
Cross-site scripting XSS vulnerability in fup in Frams' Fast File EXchange FEX, aka fex before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Qubes OS Release Enhances Security Via Domain Isolation
With the deluge of malware and advanced attacks continuing unabated, security approaches that sandbox applications or isolate processes are garnering increased attention. Researcher Joanna Rutkowska and Invisible Things Lab were the latest to go in that direction with the official release on...
F*EX 20111129-2 Cross Site Scripting Vulnerability
------------------------------------------------------------------------ FEX 20111129-2 Cross Site Scripting Vulnerability ------------------------------------------------------------------------ title.............: FEX 20111129-2 Cross Site Scripting Vulnerabilities author............: muuratsal...
F*EX 20100208 Cross Site Scripting
------------------------------------------------------------------------ FEX = 20100208 Cross Site Scripting Vulnerabilities ------------------------------------------------------------------------ title.............: FEX = 20100208 Cross Site Scripting Vulnerabilities author............:...
CVE-2011-1409
Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...
CVE-2011-1409
Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...
Authentication flaw
Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...
CVE-2011-1409
CVE-2011-1409 affects Frams’s Fast File EXchange (F*EX, fex). The vulnerability allows an unauthenticated remote attacker to bypass authentication and upload arbitrary files via a request that omits an authentication ID, potentially impacting confidentiality and integrity. The issue is documented...
CVE-2011-1409
Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...
Big Sister File Exchange Server 0.03 Disclosure
Application Name : Big Sister File Exchange Server 0.03 Vulnerable Type : Arbitrary Db Config Download Vulnerability Infection : SQL Info Get... Author : Septemb0x Script Down.& WebSite : http://sourceforge.net/projects/bigsifes/files/bigsifes/bigsifes-0.03.tgz EXPLOIT : http://target/path/config...
[SECURITY] Fedora 9 Update: mldonkey-3.0.0-1.fc9
MLDonkey is a door to the 'donkey' network, a decentralized network used to exchange big files on the Internet. It is written in a wonderful language, called Objective-Caml, and present most features of the basic Windows donkey client, plus some more: - It should work on most UNIX-compatible...