CVE-2020-23038

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...

CVE-2020-23038

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...

Cross site scripting

Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting XSS vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling...

CVE-2020-23038

CVE-2020-23038 affects Swift File Transfer Mobile v1.1.2 and earlier. A path traversal/info-disclosure vulnerability exists in the path parameter, triggered by an error caused by including non-existent path environment variables. The connected sources corroborate that an unauthorized attacker cou...

CVE-2020-23038

Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error caused by including non-existent path environment variables...

CVE-2020-36486

CVE-2020-36486 affects Swift File Transfer Mobile v1.1.2 and earlier. The vulnerability is a cross-site scripting (XSS) flaw triggered by the path parameter in the app’s list and download exception handling. The root cause is insufficient validation/escaping of the path input, allowing injected s...

CVE-2020-36486

Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting XSS vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling...

CVE-2020-36502

Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting XSS vulnerability via the devicename parameter which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered as the device name itself...

CVE-2020-36502

CVE-2020-36502 describes an XSS vulnerability in Swift File Transfer Mobile v1.1.2, caused by the devicename parameter. The issue allows an attacker to inject and execute arbitrary web scripts or HTML when the device name is crafted, as indicated by multiple connected sources. Documented details ...

CLSA-2021-1634922414 Fixed CVE-2020-8284 in curl

trusting FTP PASV responses CVE-2020-8284...

Swift File Transfer Mobile 路径遍历漏洞

Swift File Transfer Mobile is an application by Kunal Mahajan Personal Developer. It is used to share installed applications, photos, files, folders and videos 8Mbps at high speed without using internet, data cable, mobile data, Wi-Fi, Nfc etc. A path traversal vulnerability exists in Swift File...

Dropouts Technologies Llp Air Share 跨站脚本漏洞

Dropouts Technologies Llp Air Share is a Wifi file transfer from Dropouts Technologies Llp, India. A cross-site scripting vulnerability exists in Dropouts Technologies LLP Air Share version 1.2, which allows an attacker to execute arbitrary web script or HTML via a crafted GET request...

Dropouts Technologies LLP Air Share跨站脚本漏洞

Dropouts Technologies Llp Air Share is a Wifi file transfer from Dropouts Technologies Llp, India. A cross-site scripting vulnerability exists in Dropouts Technologies LLP Air Share v1.2, which stems from the software's lack of effective filtering and escaping of the devicename parameter. This...

Swift File Transfer Mobile 跨站脚本漏洞

Swift File Transfer Mobile is an application by Kunal Mahajan Personal Developer. It is used to share installed applications, photos, files, folders and videos 8Mbps at high speed without using internet, data cable, mobile data, Wi-Fi, Nfc etc. A cross-site scripting vulnerability exists in Swift...

Swift File Transfer Mobile 跨站脚本漏洞

Swift File Transfer Mobile is an application by Kunal Mahajan Personal Developer. It is used to share installed applications, photos, files, folders, and videos at 8Mbps at high speed without the use of the Internet, data cables, mobile data, Wi-Fi, Nfc, and more. A cross-site scripting...

CVE-2021-35495

The Scheduler Connection component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server fo...

TIBCO Software JasperReports Server 访问控制错误漏洞

Tibco Software TIBCO Software JasperReports Server is an embeddable reporting server from TIBCO Software Tibco Software Inc. that provides reporting and analytics capabilities that can be embedded into web or mobile devices. An access control error vulnerability exists in various TIBCO Software...

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations exposing possibly sensitive data in clear text over the network.

...

Huawei Pc Smart Full Scene 路径遍历漏洞

A path traversal vulnerability exists in Huawei Pc Smart Full Scene version 11.1, a full-scene intelligence solution from Huawei China. The vulnerability stems from an input validation error when the program handles directory traversal sequences. A remote attacker could exploit the vulnerability ...

[SECURITY] Fedora 33 Update: libssh-0.9.6-1.fc33

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...