3143 matches found
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
Fedora 26 : tnef (2017-ab43d1d240)
Release 1.4.14 includes security bug fixes introduced in 1.4.13 and a further bug fix. The tnef-dolphin file manager integration is updated to suit the kf5/qt5 base. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
PHP file inclusion in the back end
Date : 2017-07-12 CVE ID : CVE-2017-10993 Description A logged in back end user can include arbitrary PHP files by manipulating an URL parameter. Since Contao does not allow to upload PHP files in the file manager, the attack is limited to the existing PHP files on the server. Affected versions...
WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal
Details ================ Software: Photo Gallery Version: 1.3.34,1.3.42 Homepage: https://wordpress.org/plugins/photo-gallery/ Advisory report: https://security.dxw.com/advisories/path-traversal-in-photo-gallery-may-allow-admins-to-read-most-files-on-the-filesystem/ CVE: Awaiting assignment CVSS:...
File Manager (File transfer) - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application File Manager File transfer published at the 'play' market has multiple vulnerabilities...
X-plore File Manager - Customized SSL, Exported ContentProvider, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application X-plore File Manager published at the 'play' market has multiple vulnerabilities...
[SECURITY] Fedora 26 Update: pcmanfm-1.2.5-2.fc26
PCMan File Manager is an extremly fast and lightweight file manager which features tabbed browsing and user-friendly interface...
[SECURITY] Fedora 24 Update: pcmanfm-1.2.5-2.fc24
PCMan File Manager is an extremly fast and lightweight file manager which features tabbed browsing and user-friendly interface...
[SECURITY] Fedora 25 Update: pcmanfm-1.2.5-2.fc25
PCMan File Manager is an extremly fast and lightweight file manager which features tabbed browsing and user-friendly interface...
Fedora 24 : tnef (2017-7de130a80d)
Release 1.4.14 includes security bug fixes introduced in 1.4.13 and a further bug fix. The tnef-dolphin file manager integration is updated to suit the kf5/qt5 base. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
concrete5 8.1.0 Thumbnail Editor CSRF Vulnerability
Exploit for php platform in category web applications +-------------------------------------------------------------+ | Vulnerable Software: Concrete5 CMS | | Vendor: http://www.concrete5.org/ | | Vulnerability Type: CSRF to DoS disables installation | | Date Released: 23/04/2017 | | Released by:...
simple-file-manager Path Traversal Vulnerability
simple-file-manager is a web-based file management utility. A path traversal vulnerability exists in versions of simple-file-manager prior to 2017-04-26. An attacker could use this vulnerability to read files...
concrete5 8.1.0 Thumbnail Editor CSRF / DoS
| \ | \ | | | | | | / \ | | | |/ / | |/ / | | | | | | | | | / / | | | / | / | | | | | | | | | | | | | | | |\ \ \ / / // / | | | /\ | | | | | / / / / / | | | \ | | / | | | / \ | | | | | \ | | | | \ \ / / | | | | | \ --. | | | / / | | | | | |/ / | | | | \ V / | | | . | --. \ | | | | | |...
Path traversal
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php the sole "Simple PHP File Manager" component...
CVE-2017-8297
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php the sole "Simple PHP File Manager" component...
CVE-2017-8297
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php the sole "Simple PHP File Manager" component...
CVE-2017-8297
CVE-2017-8297 describes a path traversal vulnerability in the Simple PHP File Manager component (simple-file-manager) prior to 2017-04-26, affecting index.php. The issue is documented across multiple sources as allowing traversal to read files, with CVSS estimates indicating high to critical seve...
CVE-2017-8297
A path traversal vulnerability exists in simple-file-manager before 2017-04-26, affecting index.php the sole "Simple PHP File Manager" component...
Easy File Uploader Remote Shell Upload
Exploit Title: Easy File Uploader - Arbitrary File Upload Date: 27/04/2017 Exploit Author: Daniel Godoy Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/easy-file-uploader-php-multiple-uploader-with-file-manager/17222287 Tested on: GNU/Linux GREETZ: Rodrigo...