3141 matches found
Ajax File Manager - Directory Traversal
Exploit Title: Ajax File Manager DirectoryTraversal Google Dork: inurl: "plugins/ajaxfilemanager" Date: 03/07/2014 Exploit Author: Eduardo Alves edudx9 Vendor Homepage: phpletter.com Software Link: http://phpletter.com/Demo/Ajax-File--Manager/ Version: app version - All Tested on: Windows/Linux...
GNU Midnight Commander: User-assisted execution of arbitrary code
Background GNU Midnight Commander is a text based file manager. Description GNU Midnight Commander does not properly sanitize environment variables. Impact A remote attacker could entice a user to open a specially crafted archive file using GNU Midnight Commander, possibly resulting in execution ...
Office Assistant Pro 2.2.2 Local File Inclusion
Document Title: =============== Office Assistant Pro v2.2.2 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1197 Release Date: ============= 2014-02-13 Vulnerability Laboratory ID VL-ID: ==================================...
Office Assistant Pro v2.2.2 iOS - File Include Vulnerability
Document Title: =============== Office Assistant Pro v2.2.2 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1197 Release Date: ============= 2014-02-12 Vulnerability Laboratory ID VL-ID: ==================================...
gpEasy 4.3.x XSS / File Inclusion / Shell Upload
Document Title: =============== gpEasy v4.3.x CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1189 Release Date: ============= 2014-02-06 Vulnerability Laboratory ID VL-ID: ==================================== 1189 Comm...
CVE-2014-0804
Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors...
Directory traversal
Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors...
CVE-2014-0804
Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors...
CVE-2014-0804
CVE-2014-0804 affects CGENE Security File Manager Pro/Trial for Android (versions ≤ 1.0.6). Root cause: directory traversal (CWE-22) in processing file names, enabling a remote, unauthenticated attacker to create or overwrite arbitrary files in directories the app can access. Impact: arbitrary fi...
Security File Manager vulnerable to directory traversal
Overview Security File Manager provided by CGENE Inc contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
USB Malware Targeting Siemens Control Software (Update C)
Overview VirusBlokAda, an antivirus vendor based in Belarus, announcedVirusBlokAda, http://www.anti-virus.by/en/tempo.shtml, website last visited July 15, 2010. the discovery of malware that uses a zero-day vulnerability in Microsoft Windows processing of shortcut files. The malware utilizes this...
FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities
Document Title: =============== FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1170 Release Date: ============= 2013-12-15 Vulnerability Laboratory ID VL-ID: ====================================...
Veno File Manager - q Arbitrary File Download
Veno File Manager - q Arbitrary File Download source: https://www.securityfocus.com/bid/64346/info Veno File Manager is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this...
Veno File Manager Arbitrary File Download
Exploit Title : Veno File Manager Arbitrary File Download Vulnerability Google Dork : allintitle: "Veno File Manager" Date : 10/12/2013 Exploit Author : Daniel Godoy Vendor Homepage :...
Veno File Manager - 'q' Arbitrary File Download
source: https://www.securityfocus.com/bid/64346/info Veno File Manager is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files within the...
Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities
Document Title: =============== Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1160 Release Date: ============= 2013-12-03 Vulnerability Laboratory ID VL-ID: ====================================...
Directory traversal
Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote attackers to read arbitrary files via a ..%2f encoded dot dot slash to the default URI...
CVE-2013-3921
Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote attackers to read arbitrary files via a ..%2f encoded dot dot slash to the default URI...
CVE-2013-3921
CVE-2013-3921 affects Easytime Studio Easy File Manager 1.1 for iOS. It is a directory traversal vulnerability that allows remote attackers to read arbitrary files by sending a request with an encoded dot-dot path (..%2f) to the default URI. Impact listed in sources indicates partial confidential...
phpmyfaq -- arbitrary PHP code execution vulnerability
The phpMyFAQ team reports: Secunia noticed while analysing the advisory that authenticated users with "Right to add attachments" are able to exploit an already publicly known issue in the bundled Ajax File Manager of phpMyFAQ version 2.8.3, which leads to arbitrary PHP code execution for...