EUVD-2019-16925

Malware in sbrugna...

Simple File List < 6.0.10 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Go to...

CVE-2022-25410

Maxsite CMS v180 was discovered to contain a stored cross-site scripting XSS vulnerability via the parameter ffiledescription at /admin/files...

qdPM cross-site scripting vulnerability (CNVD-2020-64598)

qdPM is a Web-based open source project management tool . A security vulnerability exists in qdPM version 9.1, which stems from the file upload feature not checking the file description, and can be exploited by an attacker to inject web scripts or HTML via attachment message parameters XSS...

FreeBSD : FreeBSD -- File description reference count leak (0d3f99f7-b30c-11e9-a87f-a4badb2f4699)

If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file structure. Impact : A...

FreeBSD -- File description reference count leak

Problem Description: If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file...

FreeBSD : FreeBSD -- File description reference count leak (86c89abf-2d91-11e9-bf3e-a4badb2f4699)

FreeBSD 12.0 attempts to handle the case where the receiving process does not provide a sufficiently large buffer for an incoming control message containing rights. In particular, to avoid leaking the corresponding descriptors into the receiving process' descriptor table, the kernel handles the...

FreeBSD -- File description reference count leak

Problem Description: FreeBSD 12.0 attempts to handle the case where the receiving process does not provide a sufficiently large buffer for an incoming control message containing rights. In particular, to avoid leaking the corresponding descriptors into the receiving process' descriptor table, the...

glibc security, bug fix, and enhancement update

2.17-260.0.9 - Regenerate plural.c - OraBug 28806294. - Reviewed-by: Jose E. Marchesi 2.17-260.0.7 - intl: Port to Bison 3.0 - Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9 - OraBug 28806294. - Reviewed-by: Patrick McGehearty 2.17-260.0.5 - Fix dbl-64/wordsize-64...

Design/Logic Flaw

A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service DoS condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specifi...

XODA Document Management System 0.4.5 - XSS & Arbitrary File Upload

No description provided by source. Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link: http://sourceforge.net/projects/xoda/files/xoda/xoda-0.4.5/...

phpdisk V7 注入一枚(直接出数据)。

简要描述： PHPDisk网盘系统 v7.0 20140529更新： 修正网盘云上传无法显示文件 部分主机无法使用系统验证码 端午放假,躁起来。 详细说明： WooYun: phpdisk V7 sql注入2 在爆了这个洞之后 看看phpdisk怎么修复的。 $file = unserializebase64decode$data; /foreach$file as $k=$v $file$k = $db-escape$file$v; / //没搞懂这里为什么要注释掉 如果不注释掉还不会出现这问题。 $filefileid = int$filefileid; $filefilesize ...

MW6 Technologies Aztec - ActiveX &#039;Data&#039; Buffer Overflow (PoC)

object id=TestObj classid="CLSID:F359732D-D020-...

DEBIAN-CVE-2006-6808

Cross-site scripting XSS vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the getfiledescription function in wp-admin/admin-functions.php...

ByteHoard &lt;= 2.1 multiple vulnerabilities

ByteHoard = 2.1 multiple vulnerabilities Discovered by: Nomenumbra Date: 23/5/2006 impact:high file manipulation,privilege escalation,possible defacement ByteHoard versions up to 2.1 are prone to multiple vulnerabilities, including directory traversal. 0x00 Directory traversal: Users are able to...

CVE-2002-1756

ACDSee 4.0 allows remote attackers to cause a denial of service crash via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed...

CVE-2002-1756

ACDSee 4.0 allows remote attackers to cause a denial of service crash via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed...