41 matches found
showdoc .aspx file upload vulnerability (CNVD-2022-20513)
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .aspx file extensions in the application's file upload functionality. An attacker could use this...
showdoc .m3u8a file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .m3u8a file extensions in the application's file upload feature. An attacker could exploit this...
showdoc .aspx file upload vulnerability
showdoc is an open source tool ideal for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability, which stems from the lack of valid detection of .aspx file extensions in the application's file upload feature. An attacker could exploit this...
showdoc Cross-site Request Forgery Vulnerability (CNVD-2021-94820)
showdoc is an open source tool ideal for IT teams to share documents online. showDoc has a security vulnerability that can be exploited by attackers to perform request forgery CSRF attacks...
ShowDoc Cross-Site Request Forgery Vulnerability (CNVD-2021-89159)
ShowDoc is an open source tool for IT teams to share documents online.ShowDoc is vulnerable to cross-site request forgery, which stems from the lack of effective filtering and restriction of cookies set in the software's UserController.class.php, which can be exploited by attackers to cause a...
showdoc 代码问题漏洞
showdoc is open source a great tool for IT teams to share documents online. ShowDoc has a security vulnerability that can be exploited by attackers to gain server privileges...
Description of the security update for SharePoint Server 2019: August 10, 2021 (KB5002000)
Description of the security update for SharePoint Server 2019: August 10, 2021 KB5002000 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see the Microsoft Common Vulnerabilities and Exposures CVE-2021-36940. Note: ...
Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks
A phishing campaign, discovered by researchers at Cofense, is draping itself in a Microsoft Office SharePoint theme and successfully bypassing security email gateways SEGs. In a post on Tuesday, the firm said that this is an example of why it’s not always prudent to share documents via Microsoft’...
End of support for Office 2016 and Office 2019
None None...
MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to, under some circumstances, present a security threat. ...
MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a security threat. If the INCLUDEPICTURE Field...
Microsoft SharePoint Server Unsupported Version Detection
The remote host has an unsupported version of SharePoint Server installed. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if...
Threat Outbreak Alert: Fake Document Sharing Email Messages on July 3, 2013
Medium Alert ID: 29948 First Published: 2013 July 5 13:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain documents for the recipient. The text in the email message attempts to convince the recipient ...
VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability
VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document...
New Windows 8 Rumors Highlight Advanced Features and Enhanced Security
Just as you were getting comfortable with Windows 7, Windows 8 seems to be on the horizon for the next two years. Celebrating the one-year anniversary of Windows 7— the fastest-selling OS in history—Microsoft’s Dutch website briefly mentioned its successor: “Microsoft is on course for the next...
SAP Cfolders Multiple Stored XSS Vulnerabilies
Digital Security Research Group DSecRG Advisory DSECRG-09-014 Original advisory: http://dsecrg.com/pages/vul/show.php?id=114 Application: SAP Cfolders included in: SAP SRM, SAP ECC, SAP Knowledge Management and SAP NetWeaver cRooms Vendor URL: http://SAP.com Bugs: Multiple Stored XSS Risk: Hight...
Comcast passwords left unprotected online
User names and passwords belonging to more than 8,000 Comcast Internet customers were left exposed on the Web for at least two months. A post by Brad Stone on the Bits blog NYTimes.com details the situation, which was exposed by a Comcast customer from Pennsylvania. Kevin Andreyo, an educational...
Microsoft Word 95979820002002 - INCLUDEPICTURE Document Sharing File Disclosure
Microsoft Word 95979820002002 - INCLUDEPICTURE Document Sharing File Disclosure source: https://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a...
Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure
source: https://www.securityfocus.com/bid/5764/info The INCLUDEPICTURE Field Code may be used to insert arbitrary URLs into a document. The INCLUDEPICTURE Field Code is reported to, under some circumstances, present a security threat. If the INCLUDEPICTURE Field Code is included in a document and...
Microsoft Word 95979820002002 Excel 2002 - INCLUDETEXT Document Sharing File Disclosure
Microsoft Word 95979820002002 Excel 2002 - INCLUDETEXT Document Sharing File Disclosure source: https://www.securityfocus.com/bid/5586/info The Microsoft Word and Excel INCLUDETEXT Field Code may be used to insert an arbitrary local file into a document. The INCLUDETEXT Field Code is reported to,...