AjentiCP 1.2.23.13 - Cross-Site Scripting

AjentiCP 1.2.23.13 - Cross-Site Scripting Title: AjentiCP 1.2.23.13 - Cross-Site Scripting Author: Numan OZDEMIR https://infinitumit.com.tr Vendor Homepage: ajenti.org Software Link: https://github.com/ajenti/ajenti Version: Up to v1.2.23.13 CVE: CVE-2018-18548 Description: Attacker can inject...

AjentiCP 1.2.23.13 - Cross-Site Scripting

Title: AjentiCP 1.2.23.13 - Cross-Site Scripting Author: Numan OZDEMIR https://infinitumit.com.tr Vendor Homepage: ajenti.org Software Link: https://github.com/ajenti/ajenti Version: Up to v1.2.23.13 CVE: CVE-2018-18548 Description: Attacker can inject JavaScript codes without Ajenti privileges b...

CVE-2018-18548

ajenticp aka Ajenti Docker control panel for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager...

CVE-2018-18548

ajenticp aka Ajenti Docker control panel for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager...

Design/Logic Flaw

ajenticp aka Ajenti Docker control panel for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager...

PYSEC-2018-107

ajenticp aka Ajenti Docker control panel for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager...

PYSEC-2018-107

ajenticp aka Ajenti Docker control panel for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager...

CVE-2018-18548

ajenticp aka Ajenti Docker control panel for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager...

CVE-2018-18548

AjentiCP (Ajenti) up to version 1.2.23.13 contains a Cross-site Scripting (XSS) vulnerability in File Manager caused by mishandling a filename. The issue allows an attacker to inject JavaScript that can run in an Ajenti user’s browser, enabling potentially high-risk exploitation without privilege...

AjentiCP 1.2.23.13 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications + Title: AjentiCP Dir Name Based Stored XSS dir 2- Open this directory in File Manager tool in Ajenti server admin panel. // for secure days... 0day.today 2018-10-24...

AjentiCP 1.2.23.13 Cross Site Scripting

Title: AjentiCP Dir Name Based Stored XSS dir 2- Open this directory in File Manager tool in Ajenti server admin panel. // for secure days...

CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

Design/Logic Flaw

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

CVE-2018-18398

CVE-2018-18398 affects Xfce Thunar 1.6.15 when used with Xfce 4.12. The issue is an out-of-bounds read causing SEGV in the IBus-Unikey input method used for file searches in File Manager. Attack scenario: a local user who first creates files in /tmp could trigger the vulnerability when the victim...

CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

CVE-2018-18324

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fmcurrentdir parameter, or the admin/index.php module, servicestart, servicefullstatus, servicerestart, servicestop, or file within the fileeditor parameter...

PT-2018-14407 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.480 Description: The issue concerns a Cross-Site Scripting XSS problem. It affects the fm current dir parameter in the "admin/fileManager2.php" endpoint, as well as the module, service start, service fullstatus,...

CVE-2018-18061

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...

CVE-2018-18061

An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...