19 matches found
EUVD-2015-4481
Malware in sbrugna...
EUVD-2015-4483
Malware in sbrugna...
EUVD-2015-4482
Malware in sbrugna...
Epignosis eFront CMS Path Traversal Vulnerability
Epignosis eFront CMS is an online learning system with an Ajax interface from Epignosis, USA. The system allows you to create and manage courses with tools such as a content editor, file manager, and digital library. A path traversal vulnerability exists in Epignosis eFront CMS 3.6.15.4 and earli...
eFront CMS 3.6.15.4 Multiple Vulnerabilities
eFront CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Info: There is an EOL detection for this produ...
CVE-2015-4461
Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter...
Path traversal
Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter...
CVE-2015-4461
Absolute path traversal in Epignosis/ eFront CMS 3.6.15.4 and earlier allows remote access to sensitive information via the other parameter. Affected component is the application’s path handling, enabling exposure of full pathnames. Documents consistently describe the vulnerability as a path trav...
CVE-2015-4461
Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter...
Epignosis eFront CMS Arbitrary File Upload Vulnerability (CNVD-2017-26067)
Epignosis eFront CMS is an online learning system with an Ajax interface from Epignosis, USA. The system allows you to create and manage courses with tools such as a content editor, file manager, and digital library. An arbitrary file upload vulnerability exists in Epignosis eFront CMS versions...
Path traversal
Absolute path traversal vulnerability in the filemanager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php...
CVE-2015-4463
The filemanager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL...
Design/Logic Flaw
The filemanager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL...
CVE-2015-4462
Absolute path traversal vulnerability in the filemanager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php...
CVE-2015-4463
The CVE-2015-4463 entry concerns the file_manager component of eFront CMS prior to version 3.6.15.5. Affected software: eFront CMS. What is vulnerable: the file_manager’s file upload handling can be bypassed by remote authenticated users through a crafted parameter appended to the file URL, enabl...
CVE-2015-4462
The CVE-2015-4462 issue affects eFront CMS pre-3.6.15.5 in the file_manager component. It enables absolute path traversal via the Upload file from url field in professor.php, allowing remote authenticated users to read arbitrary files on the server. No remediation details are provided in the conn...
CVE-2015-4462
Absolute path traversal vulnerability in the filemanager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php...
eFront CMS 3.6.10 Information Disclosure
TITLE ....... eFront 3.6.10 CMS Information Disclosure bug DATE ........ 11.04.2012 public, after week or sth AUTOHR ...... http://hauntit.blogspot.com SOFT LINK ... http:// VERSION ..... 3.6.10 TESTED ON ... LAMP ----------------------------------------------------------------------- 1. What is...
eFront CMS 3.6.10 User Enumeration
TITLE ....... eFront 3.6.10 CMS user enumeration attack DATE ........ 11.04.2012 AUTOHR ...... http://hauntit.blogspot.com SOFT LINK ... http://www.efrontlearning.net VERSION ..... 3.6.10 TESTED ON ... LAMP ----------------------------------------------------------------------- 1. What is this? 2...