SUSE CVE-2017-1000104

The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now requires sufficient...

PT-2023-16468 · WordPress · Wicked Folders

Name of the Vulnerable Software and Affected Versions: Wicked Folders plugin for WordPress versions up to, and including, 2.18.16 Description: The issue is related to a missing capability check on the ajax save state function, allowing authenticated attackers with subscriber-level permissions and...

CVE-2022-28955

An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...

CVE-2022-28955

An access control issue in D-Link DIR816LFW206b01 allows unauthenticated attackers to access folders folderview.php and categoryview.php...

D-Link DIR816 授权问题漏洞

The D-Link DIR816 is a wireless router from AUO D-Link of Taiwan, China. The D-Link DIR816L suffers from an Access Control Error vulnerability that stems from improper access control. An unauthenticated attacker could use this vulnerability to gain access to the folders folderview.php and...

D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router Authentication Bypass Vulnerability

D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router is a wireless router product from AUO D-Link. An authentication bypass vulnerability exists in the D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router. The vulnerability can be exploited to bypass the SharePort Web Access...

CVE-2018-9032

An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router Hardware Version : A1, B1; Firmware Version : 1.02-2.06 devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /categoryview.php or /folderview.php...

CVE-2018-9032

An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router Hardware Version : A1, B1; Firmware Version : 1.02-2.06 devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /categoryview.php or /folderview.php...

cPanel 11.18.3 - List Directories and Folders Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28300/info cPanel is prone to an information-disclosure vulnerability. An attacker can exploit this issue to determine programs that are running on the affected server and to view folders on other sites that are protected...

Internet Explorer vulnerable to cross-site scripting

Overview Internet Explorer contains a cross-site scripting vulnerability. Internet Explorer contains a cross-site scripting vulnerability due to the processing of malformed file names. Keigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

The wrong executable may be used to display a downloaded file in its folder

Opera's downloads manager allows users to select a file, and open the folder containing that file. This file will be opened using the operating system's file system viewer. In some cases, Opera will use the wrong executable when trying to show the folder view, and that executable may execute code...

Internet Explorer Drag and Drop Code Execution (CVE-2005-0053)

Microsoft Internet Explorer provides a number of ways to represent remote or local content. One of its more powerful features is the Web folder view. The Web folder provides easy access to files located on a web server. A vulnerability exists in the Microsoft Internet Explorer security restrictio...

Internet Explorer Drag and Drop Elevation of Privilege (MS04-038; CVE-2004-0839)

Microsoft Internet Explorer provides a number of ways to represent remote or local content. One of it's more powerful features is the Web folder view. The Web folder provides easy access to files located on a web server. A vulnerability exists in the way Internet Explorer uses the web folder view...

MS IE5 + ftp proxy

Problem: IE5 doesn't use proxy for FTP connection if option "Enable folder view for FTP sites" is checked. This option is checked by default. Configuration: tested in 2 configurations: 1. Windows NT 4.0 wrkst + SP5 + IE5.0 2. Windows NT 4.0 wrkst + SP6a + IE5.01 both has a problems. There is no...