113 matches found
CVE-2016-9836
The file scanning mechanism of JFilterInput::isFileSafe in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the .php6, .php7, .phtml, and .phpt extensions. Additionally,...
CVE-2016-9836
The file scanning mechanism of JFilterInput::isFileSafe in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the .php6, .php7, .phtml, and .phpt extensions. Additionally,...
CVE-2016-9836
The file scanning mechanism of JFilterInput::isFileSafe in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the .php6, .php7, .phtml, and .phpt extensions. Additionally,...
CVE-2016-9836
CVE-2016-9836 affects Joomla! CMS versions up to 3.6.4 (self-reported). The file scanning in JFilterInput::isFileSafe() fails to consider alternative PHP extensions (e.g., .php6, .php7, .phtml, .phpt) when validating uploaded files, enabling execution of uploaded PHP content. Additionally, JHelpe...
Armadito Antimalware - Backdoor Access/Bypass
/ Exploit Title : Armadito antimalware - Backdoor/Bypass Date : 07-06-2016 DD-MM-YYYY Exploit Author : Ax. Vendor Homepage : http://www.teclib-edition.com/teclib-products/armadito-antivirus/ Software Link : https://github.com/41434944/armadito-av Version : No version specified. Fixed 07-06-2016...
Baidu really fixed all of the WormHole vulnerability?-vulnerability warning-the black bar safety net
You can’t have a back door in the software because you can’t have a back door that's only for the good guys.“ - Apple CEO Tim Cook You should not give software to install the back door, because you can't guarantee that this Backdoor only the good guys can use the--Apple CEO cook 0×0 developments...
LMD - Linux Malware Detect
Linux Malware Detect LMD is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and...
MGASA-2015-0378 Updated owncloud packages fix security vulnerabilities
Updated owncloud package fixes security vulnerabilities: In ownCloud before 8.0.6, due to an incorrect usage of an ownCloud internal file system function the passed path to the file scanner was resolved relatively. An authenticated adversary may thus be able to get a listing of directories but no...
Antivirus Exclusions for Veeam ONE
Purpose This article documents antivirus exclusions that may be created to reduce the impact that antivirus software has on the functionality of Veeam ONE. These antivirus exclusions may be applied to the Windows built-in antivirus or third-party antivirus software. Note: Antivirus will not alway...
[ByteScanner] Check your file that dangerous or not
This website is web service for checking file that you're uploaded is the malicious file or not. It's similar Virustotal.com, try it by yourself. ByteScanner...
Ubuntu 11.04 / 11.10 / 12.04 LTS : clamav regression (USN-1482-3)
USN-1482-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan files in some situations. This update fixes the problem. We apologize for the inconvenience. It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create...
Symantec Web Gateway Cross Site Scripting
Exploit Title: Symantec Web Gateway Cross Site Scripting Google Dork: N/A Date: 05/02/2012 Author: B00y@ Software Link: http://www.symantec.com/ Version: 5.0 Tested on: Windows XP Browser: IE 8.0 and Firefox 11.0 Symantec Web Gateway is susceptible to cross site scripting when scanning downloaded...
Google Fixes 20 Flaws in Chrome, Adds Scanning of Downloaded Files
Google has released a major update for its Chrome browser, fixing 20 security vulnerabilities and including a new feature that scans downloaded executables and warns users if they’re potentially malicious. The new file-scanning feature is a major upgrade to the way that Chrome handles user...
Fedora Update for fail2ban FEDORA-2011-5151
Check for the Version of fail2ban OpenVAS Vulnerability Test Fedora Update for fail2ban FEDORA-2011-5151 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CA Products AV Engine CHM File Handling Denial of Service (CVE-2007-3875)
CA provides an anti-virus engine that is shared among multiple applications and products. The anti-virus engine is capable of scanning files stored in numerous archive format. One of these archive formats is the Microsoft compiled help files, as known as CHM. There exists a denial of service...
Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Zip File Scanning Utility
Overview Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability that allows unauthorized access through a zip file scanning API. Impact Unauthorized access may be done when loading and scanning an external zip file. Solution Please refer to the 'Vendor...
BitDefender Cross Site Scripting
Application: BitDefender Internet Security 2009 OS: Windows Xp All patches a day ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description BitDefender Internet Security is a security...
BitDefender Internet Security XSS
Application: BitDefender Internet Security 2009 OS: Windows Xp All patches a day ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description BitDefender Internet Security is a security...
ZoneAlarm Security Suite buffer overflow
Buffer overflow on oversized path to file being scanned...
[SECURITY] Fedora 7 Update: fail2ban-0.8.0-9.fc7
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/errorlog and bans IP that makes too many password failures. It updates firewall rules to reject the IP address...