EUVD-2007-0151

Malware in sbrugna...

executive.cuyahogacounty.us Open Redirect vulnerability OBB-1198314

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

bc.cuyahogacounty.us Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1172509 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Kaspersky Anti-Spam未授权目录访问验证绕过漏洞

Kaspersky Anti-Spam是一款反垃圾邮件应用程序。 Kaspersky Anti-Spam的WEB配置接口存在设计问题，远程攻击者可以利用漏洞未授权访问部分目录文件信息。 目前没有详细漏洞细节提供。 Kaspersky Anti-Spam 3.0 MP1 可采用如下补丁： Kaspersky Anti-Spam 3.0 MP1 Cuyahoga kas-3-3.0.274-0.i386.rpm http://dnl-us4.kaspersky-labs.com/products/release/english/antispam/rp...

[SA23662] Cuyahoga FCKEditor Security Bypass Issue

TITLE: Cuyahoga FCKEditor Security Bypass Issue SECUNIA ADVISORY ID: SA23662 VERIFY ADVISORY: http://secunia.com/advisories/23662/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Cuyahoga 1.x http://secunia.com/product/13174/ DESCRIPTION: A security issue has be...

Cuyahoga FCKEditor Misconfiguration Unrestricted File Upload

The remote host is running Cuyahoga, an open source .NET website framework. The installation of Cuyahoga fails to require authorization to access the FCKEditor component included with it. An unauthenticated, remote attacker may be able to leverage this flaw to view and upload files with FCKEditor...

Design/Logic Flaw

Cuyahoga before 1.0.1 installs the FCKEditor component with an incorrect deny statement in a Web.config file, which allows remote attackers to upload files when these privileges were intended only for the Administrator and Editor roles...

CVE-2007-0147

Cuyahoga before 1.0.1 installs the FCKEditor component with an incorrect deny statement in a Web.config file, which allows remote attackers to upload files when these privileges were intended only for the Administrator and Editor roles...

CVE-2007-0147

Cuyahoga before 1.0.1 installs the FCKEditor component with an incorrect deny statement in a Web.config file, which allows remote attackers to upload files when these privileges were intended only for the Administrator and Editor roles...

CVE-2007-0147

CVE-2007-0147 affects Cuyahoga before 1.0.1, which bundles the FCKEditor component. A misconfigured deny statement in the Web.config allows an unauthenticated, remote attacker to upload files when such privileges were intended only for Administrator and Editor roles. The impact is an unauthorized...