Lucene search
K

41 matches found

CNVD
CNVD
added 2022/03/17 12:0 a.m.49 views

showdoc .aspx file upload vulnerability (CNVD-2022-20513)

showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .aspx file extensions in the application's file upload functionality. An attacker could use this...

9.4CVSS1.3AI score0.0074EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/17 12:0 a.m.20 views

showdoc .m3u8a file upload vulnerability

showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .m3u8a file extensions in the application's file upload feature. An attacker could exploit this...

7.6CVSS1.4AI score0.00754EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/16 12:0 a.m.38 views

showdoc .aspx file upload vulnerability

showdoc is an open source tool ideal for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability, which stems from the lack of valid detection of .aspx file extensions in the application's file upload feature. An attacker could exploit this...

6.3CVSS1.6AI score0.00538EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/02 12:0 a.m.17 views

showdoc Cross-site Request Forgery Vulnerability (CNVD-2021-94820)

showdoc is an open source tool ideal for IT teams to share documents online. showDoc has a security vulnerability that can be exploited by attackers to perform request forgery CSRF attacks...

6.5CVSS3.7AI score0.00505EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/16 12:0 a.m.11 views

ShowDoc Cross-Site Request Forgery Vulnerability (CNVD-2021-89159)

ShowDoc is an open source tool for IT teams to share documents online.ShowDoc is vulnerable to cross-site request forgery, which stems from the lack of effective filtering and restriction of cookies set in the software's UserController.class.php, which can be exploited by attackers to cause a...

5.8CVSS3.8AI score0.00399EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.4 views

showdoc 代码问题漏洞

showdoc is open source a great tool for IT teams to share documents online. ShowDoc has a security vulnerability that can be exploited by attackers to gain server privileges...

9.8CVSS8.3AI score0.01345EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2021/08/10 7:0 a.m.61 views

Description of the security update for SharePoint Server 2019: August 10, 2021 (KB5002000)

Description of the security update for SharePoint Server 2019: August 10, 2021 KB5002000 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see the Microsoft Common Vulnerabilities and Exposures CVE-2021-36940. Note: ...

7.6CVSS7.1AI score0.03647EPSS
Exploits0
ThreatPost
ThreatPost
added 2021/04/28 7:0 p.m.279 views

Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks

A phishing campaign, discovered by researchers at Cofense, is draping itself in a Microsoft Office SharePoint theme and successfully bypassing security email gateways SEGs. In a post on Tuesday, the firm said that this is an example of why it’s not always prudent to share documents via Microsoft’...

7.5CVSS9.5AI score0.99913EPSS
Exploits29References15
Microsoft KB
Microsoft KB
added 2018/09/11 7:0 a.m.46 views

End of support for Office 2016 and Office 2019

None None...

9.3CVSS7.4AI score0.23044EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a security threat. If the INCLUDEPICTURE Field...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/30 12:0 a.m.36 views

Microsoft SharePoint Server Unsupported Version Detection

The remote host has an unsupported version of SharePoint Server installed. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if...

5.5AI score
Exploits0References1
Cisco Threats
Cisco Threats
added 2013/07/05 1:18 p.m.10 views

Threat Outbreak Alert: Fake Document Sharing Email Messages on July 3, 2013

Medium Alert ID: 29948 First Published: 2013 July 5 13:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain documents for the recipient. The text in the email message attempts to convince the recipient ...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2011/09/16 12:0 a.m.46 views

VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2010/10/30 7:15 a.m.10 views

New Windows 8 Rumors Highlight Advanced Features and Enhanced Security

Just as you were getting comfortable with Windows 7, Windows 8 seems to be on the horizon for the next two years. Celebrating the one-year anniversary of Windows 7— the fastest-selling OS in history—Microsoft’s Dutch website briefly mentioned its successor: “Microsoft is on course for the next...

7AI score
Exploits0
securityvulns
securityvulns
added 2009/04/23 12:0 a.m.60 views

SAP Cfolders Multiple Stored XSS Vulnerabilies

Digital Security Research Group DSecRG Advisory DSECRG-09-014 Original advisory: http://dsecrg.com/pages/vul/show.php?id=114 Application: SAP Cfolders included in: SAP SRM, SAP ECC, SAP Knowledge Management and SAP NetWeaver cRooms Vendor URL: http://SAP.com Bugs: Multiple Stored XSS Risk: Hight...

6.2AI score
Exploits0
ThreatPost
ThreatPost
added 2009/03/16 7:15 p.m.6 views

Comcast passwords left unprotected online

User names and passwords belonging to more than 8,000 Comcast Internet customers were left exposed on the Web for at least two months. A post by Brad Stone on the Bits blog NYTimes.com details the situation, which was exposed by a Comcast customer from Pennsylvania. Kevin Andreyo, an educational...

0.7AI score
Exploits0References4
exploitpack
exploitpack
added 2002/09/20 12:0 a.m.19 views

Microsoft Word 95979820002002 - INCLUDEPICTURE Document Sharing File Disclosure

Microsoft Word 95979820002002 - INCLUDEPICTURE Document Sharing File Disclosure source: https://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/09/20 12:0 a.m.34 views

Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure

source: https://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a security threat. If the INCLUDEPICTURE Field Code is included in a document and...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/26 12:0 a.m.13 views

Microsoft Word 95979820002002 Excel 2002 - INCLUDETEXT Document Sharing File Disclosure

Microsoft Word 95979820002002 Excel 2002 - INCLUDETEXT Document Sharing File Disclosure source: https://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to,...

7.4AI score
Exploits0
Rows per page
Query Builder