20 matches found
CVE-2020-12129
The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...
EUVD-2019-0744
Malware in sbrugna...
EUVD-2006-0925
Malware in sbrugna...
EUVD-2020-4444
Malware in sbrugna...
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php
...
CVE-2024-42481
CVE-2024-42481 affects the Skyport Daemon (skyportd) used with Skyport Panel. The root cause is lack of rate limiting on createFolder and createFile, enabling exploitation by creating thousands of folders/files which can drive 100% CPU usage and cause an Out-of-Memory condition, potentially crash...
CVE-2020-12129
The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function...
CVE-2020-12129
The vulnerability CVE-2020-12129 affects the AirDisk Pro app for iOS (v5.5.3). The issue is a cross-site scripting (XSS) flaw in the Create Folder function, exploitable through the createFolder parameter. The Red Hat/CVE entry and CNVD note the root cause as insufficient validation of client-side...
Octech Oempro Cross-Site Scripting Vulnerability
Octech Oempro is a suite of email marketing software from Octech USA. A cross-site scripting vulnerability exists in the 'FolderName' parameter of the Media.CreateFolder command in Octech Oempro versions 4.7 through 4.11. The vulnerability stems from a lack of proper validation of client data by...
DEBIAN-CVE-2019-19783
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed 3.x or certain non-default sieve options are enabled 2.x, a user with a mail account on the service can use a sieve script containing a fileinto directive to...
Cross-site Scripting in Bolt
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php...
GHSA-CJ8P-53V9-2C26 Cross-site Scripting in Bolt
Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php...
CVE-2019-15485
CVE-2019-15485: Bolt before 3.6.10 is vulnerable to cross-site scripting via createFolder or createFile in Controller/Async/FilesystemManager.php. The issue affects Bolt CMS versions prior to 3.6.10 and is exploitable through crafted input in file/folder creation paths, as documented in multiple ...
Microsoft Windows 10 scrrun.dll Active-X Creation / Deletion Issues
Title: Windows 10 'scrrun.dll' Multiple vulnerabilities Author: Nassim Asrir Contact: [email protected] / https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: https://www.microsoft.com/ Test ENV: ======== Browser : IE 11 OS: Windows 10 - x64 Details: ======== scrrun.dll...
In the Rising-2 0 1 0 full protection under the created folder-vulnerability warning-the black bar safety net
program createfolder; uses Windows; const DIRECTORYALLACCESS = STANDARDRIGHTSREQUIRED or $F; FILECREATE = $0 0 0 0 0 0 0 2; FILEDIRECTORYFILE = $0 0 0 0 0 0 0 1; OBJCASEINSENSITIVE = $0 0 0 0 0 0 4 0; type NTSTATUS = ULONG; PUnicodeString = ^TUnicodeString; TUnicodeString = packed record Length:...
Design/Logic Flaw
Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...
CVE-2009-3860
Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the 1 CreateFolder and 2 Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer...
COMRaider Insecure Method
!/usr/bin/perl COMRaider Idefense Labs CreateFolder and Copy Insecure Method Hard Disk Filler Exploit Discovered and Exploited by : Khashayar Fereidani Http://IRCRASH.com & Http://Fereidani.ir Help : perl comraider.pl Please enter the foldername C:\ircrash\ for example : C:\ircrash\ Please ente...
Directory traversal
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a .. dot dot in the CurrentFolder parameter to 1 GetFoldersAndFiles and 2 CreateFolder...
CVE-2006-0921
Multiple directory traversal vulnerabilities in connector.php in FCKeditor 2.0 FC, as used in products such as RunCMS, allow remote attackers to list and create arbitrary directories via a .. dot dot in the CurrentFolder parameter to 1 GetFoldersAndFiles and 2 CreateFolder...