CVE-2018-18912

CVE-2018-18912 affects Easy File Sharing (EFS) Web Server 7.2. The vulnerability is a stack-based buffer overflow triggered by a crafted POST request to forum.ghp when creating a new topic in the forums, allowing remote code execution. Public exploit details are present in third‑party description...

EFS Easy File Sharing Web Server Buffer Overflow Vulnerability

EFS Easy File Sharing EFS Web Server is a set of file sharing software from the Dutch company EFS Software that combines the functions of a forum website, file uploading, downloading, sharing and image sharing. A stack buffer overflow vulnerability exists in EFS EFS Web Server version 7.2. A remo...

CVE-2018-9059

Stack-based buffer overflow in Easy File Sharing EFS Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791...

Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python 2017/6/17 Chako EFS Web Server 7.2 - Local Buffer OverflowSEH Tested on: Windows XP SP3 EN DEP Off Software Link: https://www.exploit-db.com/apps/60f3ff1f3cd34dec80fba130ea481f31-efssetup.exe Description: When importing a...

Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow (SEH)

!/usr/bin/python 2017/6/17 Chako EFS Web Server 7.2 - Local Buffer OverflowSEH Tested on: Windows XP SP3 EN DEP Off Software Link: https://www.exploit-db.com/apps/60f3ff1f3cd34dec80fba130ea481f31-efssetup.exe Description: When importing a large user account file on to EFS Web Server 7.2 will...

Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow (SEH)

Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow SEH !/usr/bin/python 2017/6/17 Chako EFS Web Server 7.2 - Local Buffer OverflowSEH Tested on: Windows XP SP3 EN DEP Off Software Link: https://www.exploit-db.com/apps/60f3ff1f3cd34dec80fba130ea481f31-efssetup.exe Description:...

CVE-2014-5178

Multiple cross-site scripting XSS vulnerabilities in Easy File Sharing EFS Web Server 6.8 allow remote authenticated users to inject arbitrary web script or HTML via the content parameter when 1 creating a topic or 2 posting an answer. NOTE: some of these details are obtained from third party...

CVE-2014-5178

CVE-2014-5178 affects Easy File Sharing (EFS) Web Server 6.8. The vulnerability is cross-site scripting (XSS) triggered by the content parameter during topic creation or when posting an answer, exploitable by remote authenticated users. The provided documents do not specify a patch or a remediati...

CVE-2014-5178

Multiple cross-site scripting XSS vulnerabilities in Easy File Sharing EFS Web Server 6.8 allow remote authenticated users to inject arbitrary web script or HTML via the content parameter when 1 creating a topic or 2 posting an answer. NOTE: some of these details are obtained from third party...

CVE-2014-3791

CVE-2014-3791 affects Easy File Sharing Web Server (EFS) Web Server, with a stack-based buffer overflow in the SESSIONID cookie handling (UserID) in vfolder.ghp, enabling remote code execution. The Red Hat entry reiterates the same description for EFS Web Server 6.8. Exploitation details are not ...

CVE-2009-4809

Affects Easy File Sharing (EFS) Web Server 4.8. The vulnerability is a directory traversal in thumbnail.ghp where an attacker can read arbitrary files by manipulating the vfolder parameter (dot-dot sequence). This is a file-read impact, enabling access to portions of the server’s filesystem. The ...

CVE-2006-5713

CVE-2006-5713 describes an XSS vulnerability in Easy File Sharing (EFS) Web Server 4.0. The issue allows remote attackers to inject arbitrary web script or HTML through the forum-thread posting parameters: author, content, or title. The metadata indicates cross-site scripting with no confidential...

CVE-2003-1297

CVE-2003-1297 affects Easy File Sharing (EFS) Web Server 1.2. The web server stores the option.ini (options.ini) file and the log directory under the web root with insufficient access control, enabling remote attackers to read sensitive data. The disclosed data can include an SMTP account usernam...

Cross site scripting

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file...

CVE-2006-1160

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file...

CVE-2006-1159

Format string vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request...

CVE-2006-1160

CVE-2006-1160 affects Easy File Sharing Web Server (EFS) Web Server 3.2. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the Description field when creating a folder or uploading a file. The provided sources specify th...

CVE-2006-1161

CVE-2006-1161 affects Easy File Sharing Web Server (EFS) Web Server 3.2. It describes an absolute path traversal that allows remote registered users to upload a malicious file to the Windows startup folder and thereby execute arbitrary code. The provided documents consistently identify the vulner...

CVE-2006-1160

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file...