PYSEC-2015-26

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

UBUNTU-CVE-2015-6938

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

CVE-2015-6938

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

Openfire 3.10.2 Arbitrary File Upload

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-FILE-UPLOAD.txt Vendor: ========================================= www.igniterealtime.org/projects/openfire www.igniterealtime.org/downloads/index.jsp Product:...

Ajax File Browser settings.inc.php File Inclusion (CVE-2007-4921)

A remote file inclusion vulnerability has been reported in Ajax File Browser. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...

[SECURITY] Fedora 21 Update: less-471-4.fc21

The less utility is a text file browser that resembles more, but has more capabilities. Less allows you to move backwards in the file as well as forwards. Since less doesn't have to read the entire input file before it starts, less starts up more quickly than text editors for example, vi. You...

[SECURITY] Fedora 22 Update: less-471-4.fc22

The less utility is a text file browser that resembles more, but has more capabilities. Less allows you to move backwards in the file as well as forwards. Since less doesn't have to read the entire input file before it starts, less starts up more quickly than text editors for example, vi. You...

WordPress PDW File Browser Plugin <= 0.9.4.1 - Bypass

This plugin is prone to an upload.php arbitrary file upload vulnerability. Solution Update plugin...

WordPress PDW File Browser Plugin <= 0.9.4.1 - Bypass

This plugin is prone to an upload.php arbitrary file upload vulnerability. Solution Update plugin...

WordPress s2member Secure File Browser Plugin <= 0.4.16 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability

WiFi File Browser Pro version 2.0.8 suffers from a code execution vulnerability. Product & Service Introduction: =============================== WiFi File Browser allows you to download and upload files to your mobile device by using your favourite web browser without the need of a USB cable. The...

WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability

Document Title: =============== WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1406 Release Date: ============= 2015-01-14 Vulnerability Laboratory ID VL-ID: ===================================...

PDW File Browser - upload.php Arbitrary File Upload

The pdw-file-browser WordPress plugin was affected by an upload.php Arbitrary File Upload security vulnerability...

Ajax File Browser 3b (settings.inc.php approot) RFI Vulnerability

No description provided by source. Ajax File Browser 3 Beta Remote File Inclusion found by the arfis project http://arfis.wordpress.com/ Project Info: ------------- Name: Ajax File Browser Link: http://sourceforge.net/projects/ajaxfb/ DL:...

dsm light web file browser 2.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10381/info DSM Light has been reported to be prone to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue would allow an attacker...

Web File Browser 0.4b14 File Download Vulnerability

No description provided by source. Exploit Title: Web File Browser 0.4b14 File Download Vulnerability Date: 2011/11/03 Author: Sangyun YOO Email: yoosy0302 at naver dot com Software Link: http://downloads.sourceforge.net/project/webfilebrowser/webfilebrowser/0.4b14/webfilebrowser-0.4b14.zip...

Cloupia End-to-end FlexPod Management Directory Traversal

No description provided by source. Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes...

[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script

Advisory: SQL Injection in webEdition CMS File Browser RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access on the SQL database used by webEdition and read for...

CVE-2014-2303

Multiple SQL injection vulnerabilities in the file browser component wefs.php in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL commands via the 1 table or 2 order parameter...

Sql injection

Multiple SQL injection vulnerabilities in the file browser component wefs.php in webEdition CMS before 6.2.7-s1.2 and 6.3.x through 6.3.8 before -s1 allow remote attackers to execute arbitrary SQL commands via the 1 table or 2 order parameter...