3 matches found
BIT-HANDLEBARS-2021-32820 File disclosure in Express Handlebars
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential...
BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities
BBS E-Market Professional bf130 1.3.0 - Multiple File Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/11191/info BBS E-Market Professional is reported prone to multiple file disclosure vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data....
Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php?File' Arbitrary File Access
source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...