17 matches found
[SECURITY] Fedora 44 Update: nginx-mod-fancyindex-0.6.0-4.fc44
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M
Medusa ransomware group claims 834 GB data theft from Comcast, demanding $1.2M ransom while sharing screenshots and file listings...
CVE-2022-25847
All versions of the package serve-lite are vulnerable to Cross-site Scripting XSS because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding...
[SECURITY] Fedora 41 Update: nginx-mod-fancyindex-0.5.2-10.fc41
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-7.fc40
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
[SECURITY] Fedora 39 Update: nginx-mod-fancyindex-0.5.2-5.fc39
The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...
Fedora: Security Advisory for nginx-mod-fancyindex (FEDORA-2024-8ba5080dfa)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-25847
All versions of the package serve-lite are vulnerable to Cross-site Scripting XSS because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding...
wikmd 路径遍历漏洞
wikmd is a file-based wiki for individual linbreux developers. A security vulnerability exists in versions of wikmd prior to 1.7.1, which stems from vulnerability to path traversal when accessing /list/ and can leak the list of files on the server...
U.S. General Services Administration: Path Traversal on meetcqpub1.gsa.gov allows attackers to see arbitrary file listings.
Summary: Path Traversal on meetcqpub1.gsa.gov allows attackers to see arbitrary file listings from a directory of their choice. I wasn't sure if this page was in scope of this program or the TTS program, hopefully this isn't a problem Steps To Reproduce: 1. Navigate to the following URL -...
CVE-2017-3844
A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are...
php: integer overflow leading to heap overflow when reading FTP file listing
An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code...
Firefox file location escaping flaw
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting XSS attacks or have unspecified other impact via a crafted filename...
Firefox file location escaping flaw
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting XSS attacks or have unspecified other impact via a crafted filename...
Firefox file location escaping flaw
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting XSS attacks or have unspecified other impact via a crafted filename...
Firefox file location escaping flaw
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting XSS attacks or have unspecified other impact via a crafted filename...
CVE-1999-0059
IRIX fam service allows an attacker to obtain a list of all files on the server...