38 matches found
EUVD-2017-17774
Malware in sbrugna...
EUVD-2017-18030
Malware in sbrugna...
EUVD-2017-18185
Malware in sbrugna...
EUVD-2017-18029
Malware in sbrugna...
EUVD-2017-17790
Malware in sbrugna...
CVE-2017-9091
/admin/loginc.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code']) == 1, which leads to CAPTCHA bypass by emptying $_POST['captcha']...
CVE-2017-9090
reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code'])==1, which makes it possible to bypass the CAPTCHA via an empty $_POST['captcha']...
CVE-2017-8848
Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password...
Allen Disk Cross-Site Request Forgery Vulnerability (CNVD-2017-11653)
Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A cross-site request forgery vulnerability exists in the remotedownload.php file in Allen Disk version 1.6. A remote attacker can exploit this vulnerability...
Allen Disk Cross-Site Scripting Vulnerability
Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A cross-site scripting vulnerability exists in Allen Disk version 1.6. A remote attacker can inject arbitrary web script or HTML by uploading a specially...
CVE-2017-9307
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to conduct port scans and access intranet servers via a crafted file parameter...
CVE-2017-9307
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to conduct port scans and access intranet servers via a crafted file parameter...
CVE-2017-9307
The CVE-2017-9307 entry concerns a known SSRF issue in Allen Disk 1.6, specifically in remotedownload.php, where a crafted file parameter can be used by remote authenticated users to perform port scans and reach internal network services. The related connected documents corroborate that remotedow...
CVE-2017-9249
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php...
CVE-2017-9249
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php...
CVE-2017-9249
The CVE-2017-9249 entry describes a Cross-Site Scripting (XSS) vulnerability in Allen Disk 1.6. The issue enables remote authenticated users to persistently inject arbitrary web script or HTML by uploading a crafted HTML file, with the attack vector being the contents of that file and the filenam...
CVE-2017-9249
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATH_INFO to readfile.php...
Allen Disk Security Bypass Vulnerability
Allen Disk is a free, open source cloud-based hard disk product that features encrypted file storage, online preview, file sharing and more. A security bypass vulnerability exists in the reg.php file in Allen Disk version 1.6. An attacker can exploit this vulnerability to bypass CAPTCHA with the...
CVE-2017-9090
reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code'])==1, which makes it possible to bypass the CAPTCHA via an empty $_POST['captcha']...