CVE-2019-25258 LogicalDOC Enterprise 7.7.4 Multiple Post-Authentication Directory Traversal Vulnerabilities

LogicalDOC Enterprise 7.7.4 contains multiple post-authentication file disclosure vulnerabilities that allow attackers to read arbitrary files through unverified 'suffix' and 'fileVersion' parameters. Attackers can exploit directory traversal techniques in /thumbnail and /convertpdf endpoints to...

CVE-2019-25258

LogicalDOC Enterprise 7.7.4 is affected by post-authentication file disclosure vulnerabilities. The issue arises from insufficient validation of suffix and fileVersion parameters, enabling directory traversal in the /thumbnail and /convertpdf endpoints to read arbitrary files (e.g., win.ini, /etc...

PT-2025-53344

Name of the Vulnerable Software and Affected Versions LogicalDOC Enterprise version 7.7.4 Description The software contains multiple post-authentication file disclosure issues that allow attackers to read arbitrary files through unverified suffix and fileVersion parameters. Attackers can exploit...

LogicalDOC Enterprise 安全漏洞

LogicalDOC Enterprise is a document management system from the Italian company LogicalDOC. A security vulnerability exists in LogicalDOC Enterprise version 7.7.4, which stems from insufficient validation of the suffix and fileVersion parameters and could lead to arbitrary file disclosure...

Foxit Studio Photo Detection (Windows SMB Login)

Detects the installed version of Foxit Studio Photo for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerabilities of Microsoft Excel editors, programs for viewing Xls and Xlsx files (Excel Viewer), the Microsoft SharePoint Server corporate application suite, and the Microsoft Office Compatibility Pack enable a hacker to execute arbitrary code.

The vulnerability of Microsoft Excel editors, the Xls and Xlsx file viewers, Microsoft SharePoint Server, and the Microsoft Office Compatibility Pack are related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely by...

Memory corruption

Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allows remote...

Microsoft Office Excel fileVersion Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

TRENDnet SecurView Wireless Network Camera TV-IP422WN - 'UltraCamX.ocx' Stack Buffer Overflow (PoC)

TRENDnet SecurView Wireless Network Camera TV-IP422WN UltraCamX.ocx Stack BoF Vendor: TRENDnet Product web page: http://www.trendnet.com Affected version: TV-IP422WN/TV-IP422W Summary: SecurView Wireless N Day/Night Pan/Tilt Internet Camera, a powerful dual-codec wireless network camera with the...