43 matches found
EUVD-2016-2704
Malware in sbrugna...
EUVD-2015-5911
Malware in sbrugna...
EUVD-2016-2706
Malware in sbrugna...
EUVD-2016-2702
Malware in sbrugna...
SUSE CVE-2016-1607
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request...
SUSE CVE-2016-1609
Multiple cross-site scripting XSS vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in the phone field of ...
Micro Focus (Novell) Filr Detection Consolidation
Consolidation of Micro Focus Novell Filr detections. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Novell Filr Cross-Site Scripting Vulnerability (CNVD-2016-05959)
Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A cross-site scripting vulnerability exists in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. The vulnerability can be exploited by a remote attacker to inject arbitrary we...
Novell Filr Insecure File Permissions Vulnerability
Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A security vulnerability exists in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier, which originates from a program that assigns global file '/etc/profile.d/vainit.sh'. This...
Novell Filr Cross-Site Request Forgery Vulnerability
Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A cross-site request forgery vulnerability exists in the management interface in Novell Filr 2.0 Security Update 1 and prior versions and 1.2 Security Update 2. A remote attacker could exploit this vulnerabilit...
Novell Filr Directory Traversal Vulnerability
Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A directory traversal vulnerability exists in the email-template feature in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. A remote attacker could leverage the '...' in the...
Novell Filr Command Injection Vulnerability
Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. An operating system command injection vulnerability exists in the vaconfig/time file in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. A remote attacker can exploit this...
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands...
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands...
CVE-2016-1610
Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. dot dot in a blob name...
CVE-2016-1610
Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. dot dot in a blob name...
CVE-2016-1609
Multiple cross-site scripting XSS vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in the phone field of ...
CVE-2016-1609
Multiple cross-site scripting XSS vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in the phone field of ...
CVE-2016-1608
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter...
CVE-2016-1608
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter...