EUVD-2017-7800

Malware in sbrugna...

Metasoft MetaCRM 代码问题漏洞

Metasoft MetaCRM is a customer relationship management system software from China Metasoft Metasoft. A code issue vulnerability exists in Metasoft MetaCRM 6.4.2 and earlier versions, which stems from the improper handling of the parameter p in the AnalyzeParam function in the file download.jsp,...

CVE-2019-9632

ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request...

Advantech WebAccess/NMS download.jsp Directory Traversal Information Disclosure and Denial-of-Service Vulnerability

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the download.jsp...

CVE-2019-9632

ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request...

CVE-2019-9632

CVE-2019-9632 affects ESAFENET CDG V3 and V5. The vulnerability enables arbitrary file download via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request. Reported impact is information disclosure; CVSSv3 base score 7.5 (HI...

CVE-2017-16609

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within download.jsp. The issue results from the lack of proper validation ...

CVE-2017-16609

Summary: CVE-2017-16609 affects NetGain Enterprise Manager. The flaw is in the download.jsp path where a user-supplied string is not properly validated before using it to download a file. This allows remote, unauthenticated attackers to disclose sensitive information from vulnerable installations...

NetGain Enterprise Manager Arbitrary File Download Vulnerability

Netgain Enterprise Manager is a suite of IT asset monitoring and management software from NetGain Systems, Singapore. An arbitrary file download vulnerability exists in the download.jsp file in Netgain Enterprise Manager, which occurs when the program fails to properly detect a user-submitted...

Korean GHBoard FlashUpload Component download.jsp name Parameter Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/26182/info GHBoard is prone to multiple vulnerabilities that let attackers upload and download arbitrary files and execute arbitrary code within the context of the webserver process...

From download. jsp to the root-vulnerability warning-the black bar safety net

The pain of belief According to this structure:'//union//select//1,'admin','admin',1,1,1-password any %@ page import="java. util., java. io."%& gt; % % %-- abysssec inc public material just upload this file with abysssec. jsp and execute your command your command will run as administrator . you c...

Korean GHBoard FlashUpload Component - download.jsp?name Arbitrary File Access

Korean GHBoard FlashUpload Component - download.jsp?name Arbitrary File Access...

Korean GHBoard FlashUpload Component - 'download.jsp?name' Arbitrary File Access

source: https://www.securityfocus.com/bid/26182/info GHBoard is prone to multiple vulnerabilities that let attackers upload and download arbitrary files and execute arbitrary code within the context of the webserver process...