118 matches found
JVN#07497935: Multiple Yokka provided products may insecurely load executable files
Multiple products provided by Yokka, such as text editors, contain an issue with the file search path, which may insecurely load executables. Impact: An attacker may execute arbitrary code with the privilege of running the application. Solution: Update the Software Update to the latest version...
Lhasa may insecurely load executable files
Overview: Lhasa may use unsafe methods for determining how to load executables (.exe). Lhasa is a file extraction software that supports LZH and ZIP formats. Lhasa loads certain executables (.exe) when extracting files. Lhasa contains an issue with the file search path, which may insecurely load...
Accela BizSearch Access Control Bypass Vulnerability
Overview: The local file searching function in IntelligentSearch and Accela BizSearch is prone to an access control bypass vulnerability. Impact: Users without permission can access restricted files on the local Windows machine via the BizSearch search results. Solution: Please refer to the 'Vendor...
Options for Local Security Checks
This script allows users to set some Options for Local Security Checks which are stored in the knowledge base and used by other tests. Description of the options: - Also use SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are...
Soulseek buffer overflow
Buffer overflow on file search functionality...
Cross site scripting
Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP Classic edition allows remote attackers to inject arbitrary web script or HTML via the query parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field...
CVE-2007-4433
Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field...
CVE-2007-4434
Cross-site scripting (XSS) vulnerability in textfilesearch.asp in the Text File Search ASP Classic edition allows remote attackers to inject arbitrary web script or HTML via the query parameter...
aspnet-xss.txt
ASP.NET version of Text File Search XSS Vulnerability Software: ASP.NET version of Text File Search download: http://www.aspindir.com/goster/5084 demo: http://aspnet.asp101.com/samples/textfilesearch.aspx Found By: GeFORC3 G3 Example & Exploit : You write xss code in ASP.NET version of Text File...
tfsc-xss.txt
Text File Search Classic ASP Sample Code XSS Vulnerability Software: Text File Search Classic ASP Sample Code download: http://www.aspindir.com/goster/5087 demo: http://www.asp101.com/samples/textfilesearch.asp Found By: GeFORC3 G3 Exploit: This xss works on Text File Search Classic ASP Sample...
Cahier de texte 2.0 - Database Backup Source Disclosure
Cahier de texte 2.0 - Database Backup Source Disclosure #!/usr/bin/perl INFORMATIONS ============ Affected.scr..: Cahier de texte V2.0 Poc.ID........: 15061124 Type..........: Predictable backup filename, Source disclosure Risk.level....: High Conditions....: register_globals = on Src.download..:...
CentOS 3 : slocate (CESA-2005:345)
An updated slocate package that fixes a denial of service and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Slocate is a security-enhanced version of locate. Like locate, slocate searches through a central database...
With a batch of home batch write hung it to the code-vulnerability warning-the black bar safety net
Author: nerve-wracking Previously in online found a batch of home added to the hanging horse generation to horse software, you have the idea with the batch to achieve this functionality Today I learned the point of the batch, just came up with, not so perfect, or then again...later in the modified Us...
slocate file search utility DoS
updatedb fails to handle long directory paths...
Another hole in the Indexing Service of Windows 2000 (ixsso.query ActiveX)
When the Indexing Service is enabled, an ActiveX component that is permitted for use via the Web allows searching through local files...