CVE-2018-25328

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

CVE-2018-25328 VX Search 10.6.18 Local Buffer Overflow via Directory Field

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

CVE-2018-25328 VX Search 10.6.18 Local Buffer Overflow via Directory Field

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

CVE-2018-25328

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

CVE-2018-25328

VX Search 10.6.18 is affected by a local buffer overflow in the directory field. The vulnerability can be triggered by an oversized input file containing 271 bytes of junk data followed by a return address, allowing an attacker to overwrite the instruction pointer and execute arbitrary code with ...

EUVD-2018-21852

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

PT-2026-41554

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

EUVD-2019-20101

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

EUVD-2019-19959

JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger...

CVE-2019-25593

jetCast Server 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Log directory configuration field. Attackers can paste a buffer of 5000 characters into the Log directory input, then click Start to...

CVE-2020-36882

Flexsense DiskBoss 7.7.14 allows unauthenticated attackers to upload arbitrary files via /Command/Search Files/Directory field, leading to a denial of service by crashing the application...

CVE-2020-36880

Flexsense DiskBoss 7.7.14 contains a local buffer overflow vulnerability in the 'Reports and Data Directory' field that allows an attacker to execute arbitrary code on the system...

CVE-2020-36882

Flexsense DiskBoss 7.7.14 is affected by CVE-2020-36882. An unauthenticated attacker can upload arbitrary files through the Directory field in the /Command/Search Files/ API endpoint, causing a denial of service via application crash. The vulnerability is tied to the DiskBoss software (Flexsense)...

PT-2025-49293

Name of the Vulnerable Software and Affected Versions Flexsense DiskBoss version 7.7.14 Description An unauthenticated attacker can upload arbitrary files through the /Command/Search Files/Directory field. This can lead to a denial of service by crashing the application. The vulnerable parameter ...

Flexsense DiskBoss 缓冲区错误漏洞

Flexsense DiskBoss is a disk management tool from Flexsense, Inc. A buffer error vulnerability exists in Flexsense DiskBoss version 7.7.14, which stems from a local buffer overflow in the Reports and Data Directory field that could lead to the execution of arbitrary code...

EUVD-2006-0574

Malware in sbrugna...

EUVD-2025-19256

Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778...

Pandora FMS 安全漏洞

Pandora FMS is a monitoring system from Pandora FMS, USA. The system monitors networks, servers, virtual infrastructures, applications, etc. through visualization. A security vulnerability exists in Pandora FMS versions 774 to 778, which stems from improper neutralization of special elements of t...

CVE-2024-27625

CMS Made Simple Version 2.2.19 is vulnerable to Cross Site Scripting XSS. This vulnerability resides in the File Manager module of the admin panel. Specifically, the issue arises due to inadequate sanitization of user input in the "New directory" field...

PT-2024-21974 · Unknown · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMS Made Simple version 2.2.19 Description: The issue is a Cross Site Scripting XSS vulnerability that resides in the File Manager module of the admin panel. It arises due to inadequate sanitization of user input in the "New directory" field...