CVE-2015-0910

CVE-2015-0910 affects TAGAWA Takao TransmitMail (PHP-based mail form). The vulnerability is a cross-site scripting (CWE-79) flaw in the handling of file names, allowing an attacker to cause arbitrary script execution in a victim’s browser. Affected versions are 1.0.11 through 1.5.8. Root cause: p...

Novell Zenworks FileViewer Information Disclosure Vulnerability

This vulnerability allows attackers to obtain sensitive information on vulnerable installations of Novell Zenworks. User interaction is not required to exploit this vulnerability. The specific flaw exists within the FileViewer class. The issue lies in the failure to sanitize the "filename"...

Photo Manager Pro 4.4.0 iOS - Local File Inclusion

Photo Manager Pro 4.4.0 iOS - Local File Inclusion Document Title: =============== Photo Manager Pro v4.4.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1445 Release Date: ============= 2015-03-12 Vulnerability...

USN-2572-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-3330 It was discovered that PHP incorrectly handled opening tar, zip or ph...

HackerOne: Reflected Filename Download

First of all congratulations on awesome bounty system. Big fan here! I found out that it's possible run a RFD attack on Hackerone. If we visit: https://hackerone.com/dsopas We see the normal HTML webpage. Nothing new here. But if we add ?format=json to the URL we can see the JSON file generated b...

MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure

This module will use the Microsoft XMLDOM object to enumerate a remote machine's filenames. It will try to do so against Internet Explorer 8 and Internet Explorer 9. To use it, you must supply your own list of file paths. Each file path should look like this: c:\\windows\\system32\\calc.exe This...

Instagram API Bug Could Allow Malware Downloads

A security researcher says there is a bug in the Instagram API that could enable an attacker to post a message with a link to a page he controls that hosts a malicious file, but when the user downloads the file it will appear to come from a legitimate Instagram domain, leading the victim to trust...

Win x86-64 - Download & execute Generator

Win x86-64 - Download & execute Generator. Shellcode exploit for windows platform Title: Obfuscated Shellcode Windows x86/x64 Download And Execute Use PowerShell - Generator length: Dynamic ! depend on url and filename Date: 20 January 2015 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate...

Buffer overflow

Off-by-one error in the ecryptfsdecodefromfilename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted filename...

Speed Software Root Explorer Directory Traversal Vulnerability

Speed Software Root Explorer is an explorer for Android. A directory traversal vulnerability in Speed Software Root Explorer's handling of filenames allows attackers to exploit the vulnerability to overwrite system files...

Directory traversal

Directory traversal vulnerability in the Speed Root Explorer application before 3.2 for Android and the Speed Explorer application before 2.2 for Android allows remote attackers to write to arbitrary files via a crafted filename...

CVE-2015-0880

Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment...

CVE-2015-0878

Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allows remote attackers to write to arbitrary files via a crafted filename of an attachment...

Buffer overflow

Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment...

CVE-2015-0878

Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allows remote attackers to write to arbitrary files via a crafted filename of an attachment...

CVE-2015-0879

CREAR AL-Mail32 before 1.13d allows remote attackers to cause a denial of service application crash via a 1 CON, 2 AUX, or 3 NUL device name in the filename of an attachment...

CVE-2015-0880

Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment...

CVE-2015-0880

AL-Mail32 (CREAR) contains a buffer overflow in the handling of attachment filenames. The CVE-2015-0880 vulnerability affects AL-Mail32 prior to version 1.13d (JVN lists 1.13c and earlier) and could let a remote attacker execute arbitrary code by supplying a specially crafted attachment filename....

CVE-2015-1587

Unrestricted file upload vulnerability in filetoindex.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a request to a predictable filename in tmp/...

Unrestricted file upload

Unrestricted file upload vulnerability in filetoindex.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a request to a predictable filename in tmp/...