EUVD-2020-30943

HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system file...

CVE-2020-37034

HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system file...

CVE-2020-37034 HelloWeb 2.0 - Arbitrary File Download

HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system file...

CVE-2020-37034

HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system file...

CVE-2020-37034

CVE-2020-37034 concerns HelloWeb 2.0 with an arbitrary file download vulnerability. The affected component is the download.asp endpoint where an attacker can manipulate the filepath and filename parameters (directory traversal) to access sensitive configuration and system files. Descriptions acro...

CVE-2020-37034 HelloWeb 2.0 - Arbitrary File Download

HelloWeb 2.0 contains an arbitrary file download vulnerability that allows remote attackers to download system files by manipulating filepath and filename parameters. Attackers can send crafted GET requests to download.asp with directory traversal to access sensitive configuration and system file...

PT-2026-5475

Name of the Vulnerable Software and Affected Versions HelloWeb version 2.0 Description The software contains an arbitrary file download issue that enables remote attackers to download system files. This is achieved by manipulating the filepath and filename parameters within crafted GET requests...

Hello, Web path traversal vulnerability

Hello Web is a self-service website building tool provided by Hello Web Inc. The Hello Web 2.0 version has a path traversal vulnerability, which stems from improper handling of the filepath and filename parameters in the download.asp page. This vulnerability could lead to the download of arbitrar...

modalshop.cn XSS vulnerability

Vulnerable URL: http://www.modalshop.cn/download.asp?file=Detecting-Proximity-Probe-Cabling-Errors-Using-Dynamic-CalibrationMD-0243.pdf" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

Unfixed XSS vulnerability at www.postek.net

Security researcher PD, has submitted on 23/04/2008 a cross-site-scripting XSS vulnerability affecting www.postek.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/04/2008. It is currently unfixed...

PStruh-CZ 1.3/1.5 (download.asp File) File Disclosure Vulnerability

No description provided by source. /-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\ | | | Y! Underground Group | &nbsp...

CVE-2007-2486

Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 aka PStruh-CZ allows remote attackers to read arbitrary files via a .. dot dot in the File parameter...

Directory traversal

Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 aka PStruh-CZ allows remote attackers to read arbitrary files via a .. dot dot in the File parameter...

CVE-2007-2486

Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 aka PStruh-CZ allows remote attackers to read arbitrary files via a .. dot dot in the File parameter...

PStruh-CZ 1.3/1.5 (download.asp File) File Disclosure Vulnerability

Exploit for unknown platform in category web applications =================================================================== PStruh-CZ 1.3/1.5 download.asp File File Disclosure Vulnerability ===================================================================...

CVE-2002-1019

CVE-2002-1019 affects the Adobe Content Server 3.0 library feature. The vulnerability arises in a downloadable eBook workflow where a remote attacker can manipulate the loanMin parameter in download.asp to extend the loan period for an arbitrary length of time. The available documentation explici...