6 matches found
Cybozu Office vulnerable to bypass browsing restrictions in Custom App
Overview Cybozu Office provided by Cybozu, Inc. contains a vulnerability which allows to bypass browsing restrictions in Custom App CWE-201. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact A user who can login to the product may view data...
JVN#29845579: Cybozu Office vulnerable to bypass browsing restrictions in Custom App
Cybozu Office provided by Cybozu, Inc. contains a vulnerability which allows to bypass browsing restrictions in Custom App CWE-201. Impact A user who can login to the product may view data that the user does not have access by conducting 'search' under certain conditions. Solution Update the...
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx: sourceforge.net/projects/ajax-explorer/files/ Product: ======================= AjaxExplorer v1.10.3.2 Manage server files through simple windows...
Egresser - Tool to Enumerate Outbound Firewall Rules
Egresser is a tool to enumerate outbound firewall rules, designed for penetration testers to assess whether egress filtering is adequate from within a corporate network. Probing each TCP port in turn, the Egresser server will respond with the client’s source IP address and port, allowing the clie...
CVE-2011-3225
The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account...
CVE-2011-3225
The SMB File Server component in Apple Mac OS X 10.7 before 10.7.2 does not prevent all guest users from accessing the share point record of a guest-restricted folder, which allows remote attackers to bypass intended browsing restrictions by leveraging access to the nobody account...