Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter...

CVE-2007-5773

Cross-site request forgery CSRF vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter...

[Aria-Security.Net] SearchSimon Lite Cross-Site Scripting Vuln.

Aria-Security Team http://Aria-Security.net/ ------------------------------------------------- SearchSimon Lite Cross-Site Scripting The file Name may be different in different websites PoC filename.asp?QUERY=XSS&Submit=Search21&ACTION=SEARCH Credits Goes To Aria-Security Team Aria-Security.Net...

CVE-2002-2245

ftpd in NetBSD 1.5 through 1.5.3 and 1.6 does not properly quote a digit in response to a STAT command for a filename that contains a carriage return followed by a digit, which can cause firewalls and other intermediary devices to lose proper track of the FTP session...

Input validation

Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to include local files and have other unspecified impact, related to incorrect input validation or other defects involving 1 admin/backupstart.php, 2 a .sql filename under admin/admin/dump/, 3 a .sql...

CVE-2007-5155

IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow...

CVE-2007-5037

Buffer overflow in the inotifytoolssnprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename...

DEBIAN-CVE-2007-5037

Buffer overflow in the inotifytoolssnprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename...

CVE-2007-5037

Buffer overflow in the inotifytoolssnprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename...

Buffer overflow

Buffer overflow in the inotifytoolssnprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename...

CVE-2007-5037

Buffer overflow in the inotifytoolssnprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename...

CVE-2007-5037

Buffer overflow in the inotifytoolssnprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename...

CVE-2002-2226

Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument...

CVE-2007-4963

Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a caref...

Directory traversal

Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a caref...

CVE-2007-4963

Visual truncation vulnerability in WinImage 8.10 and earlier allows remote attackers to spoof a destination filename via a long sequence of space characters in a filename within a 1 .IMG or 2 .ISO file. NOTE: this can be leveraged with a separate directory traversal vulnerability to trick a caref...

CVE-2007-4512

Cross-site scripting XSS vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the pri...

Cross site scripting

Cross-site scripting XSS vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the pri...

Allied Telesyn TFTP Server 1.9 Long Filename Overflow

This module exploits a stack buffer overflow in AT-TFTP v1.9, by sending a request get/write for an overly long file name. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Allied Telesyn TFTP...

Heap overflow

Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow...