SUSE CVE-2015-5299

The shadowcopy2getshadowcopydata function in modules/vfsshadowcopy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORYLIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy...

CVE-2021-35968

The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote attackers can access the system directory thru Path Traversal with users’ privileges...

CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow

This module exploits a buffer overflow within the CA Unified Infrastructure Management nimcontroller. The vulnerability occurs in the robot controller component when sending a specially crafted directorylist probe. Technically speaking the target host must also be vulnerable to CVE-2020-8010 in...

Samba: Missing access control check in shadow copy code

A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORYLIST access rights...

Samba: Missing access control check in shadow copy code

A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORYLIST access rights...

Samba: Missing access control check in shadow copy code

A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORYLIST access rights...

Samba Bypass Access Privilege Vulnerability

Samba is a set of programs that implement the SMB Server Messages Block protocol, cross-platform file sharing and print sharing services. An access privilege bypass vulnerability exists in the shadowcopy2getshadowcopydata function in the /vfsshadowcopy2.c module in Samba versions 4.x before 4.1.2...

DEBIAN-CVE-2015-5299

The shadowcopy2getshadowcopydata function in modules/vfsshadowcopy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORYLIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy...

WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability

Document Title: =============== WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1595 Release Date: ============= 2015-09-23 Vulnerability Laboratory ID VL-ID:...

[FGscanner] Find hidden contents using dictionary-like attack

FGscanner is a completely rewritten version of littlescanner script. FGscanner is an opensource advanced web directory scanner to find hidden contents on a web server using dictionary-like attack with proxy and tor support. Quick reference for switches Usage: ./fgscan.pl --host=hostname...

CVE-2011-1610

Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15su3, 7.x before 7.15su4, 8.0 before 8.03asu2, and 8.5 before 8.51su1 allow remote attackers to execute...