53 matches found
CVE-2019-14530
An issue was discovered in custom/ajaxdownload.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file that is readable by the user www-data from server storage. If the requested file is writable for the www-data user and the directory...
CVE-2019-4260
IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0.5 could allow an unauthorized user to download server files resulting in sensitive information disclosure. IBM X-Force ID: 160012...
CVE-2018-10869
The CVE-2018-10869 vulnerability affects redhat-certification and allows a remote attacker to download any file accessible by the web server user via the /download page due to improper access restriction. Red Hat’s RHSA-2018:2373 (and related advisories) document this issue and provide a security...
Horde Gollem Module Unauthorized File Download Vulnerability - Windows
Horde Groupware is prone to an unauthorized file download vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Horde Gollem Module Unauthorized File Download Vulnerability - Linux
Horde Groupware is prone to an unauthorized file download vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-1308
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. IBM X-Force ID: 125462...
D-Link DWR-116 Directory Traversal
Title: D-Link DWR-116 Arbitrary File Download Vendor: D-Link www.dlink.com Affected models: DWR-116 / DWR-116A1 Tested on: V1.01EU, V1.00CPb10, V1.05AU CVE: CVE-2017-6190 Date: 04.07.2016 Author: Patryk Bogdan @patrykbogdan Description: D-Link DWR-116 with firmware before V1.05b09 suffers from...
HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download
''' Exploit Title: HelpDeskZ fetchRow"SELECT , COUNTid AS total FROM ".TABLEPREFIX."attachments WHERE id=".$db-realescapestring$params2." AND ticketid=".$params0." AND msgid=".$params3; third argument AND msgid=".$params3; sent to fetchRow query with out any senitization Steps to reproduce:...
Huawei eSight Directory Traversal Vulnerability
Huawei eSight is Huawei's next-generation O&M solution for enterprise infrastructure networks, unified communications, telepresence conferencing, video surveillance, and data centers. The solution supports unified monitoring and configuration management of multi-vendor and multi-type devices, as...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service disk consumption via unspecified vectors...
Microsoft Internet Explorer 5.0.1 - FTP URI Arbitrary FTP Server Command Execution
source: https://www.securityfocus.com/bid/11826/info Microsoft Internet Explorer is reported prone to an arbitrary FTP server command-execution vulnerability. This issue is due to the application's failure to properly sanitize user-supplied URI input before using it to execute FTP commands on...
BlackBoard Learning System 6.0 - Dropbox File Download
source: https://www.securityfocus.com/bid/10515/info It is reported that Blackboard improperly allows users to download files posted in the 'Digital Dropbox'. Files in the dropbox are intended for the course administrators. The application does not verify that the files requested for download are...
Infosec.20000712.worldclient.2.1
Infosec Security Vulnerability Report No: Infosec.20000712.worldclient.2.1 Vulnerability Summary --------------------- Problem: The web server for remote access to e-mail in WorldClient 2.1 is vulnerable for root dot dot. It is possible to read and in some cases download any file known by name an...