KF Web Server 3.2.0 Remote Contents Change

Securitylab.ir Application Info: Name: KF Web Server Version: 3.2.0 Download: http://keyfocus.net/kfws/download/kfws32.exe Vulnerability Info: Type: Remote Contents Change Risk: Medium Vulnerability: http://127.0.0.1:9727/index.wkf?opmenu=1 http://127.0.0.1:9727/index.wkf?opmenu=2 Edit general...

KF Web Server v3.2.0 Remote Contents Change Vulnerability

No description provided by source. Securitylab.ir Application Info: Name: KF Web Server Version: 3.2.0 Download: http://keyfocus.net/kfws/download/kfws32.exe Vulnerability Info: Type: Remote Contents Change Risk: Medium Vulnerability: http://127.0.0.1:9727/index.wkf?opmenu=1...

CVE-2007-3396

CVE-2007-3396 is an XSS vulnerability in the KeyFocus (KF) web server 3.1.0, affected code path index.wkf where an attacker can inject arbitrary script/HTML via the opsubmenu parameter. The issue arises from improper handling/validation of the opsubmenu input, enabling script execution in the vic...

KF Web Server /%00 bug

Requesting a URL with '/%00' appended to it makes some versions of KF Web Server to dump the listing of the directory, thus showing potentially sensitive files. OpenVAS Vulnerability Test $Id: KBWebServerpercent00.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: KF Web Server /%00 bug Authors...

KF Web Server /%00 bug

Requesting a URL with SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only References: From:"Securiteinfo.com" To:[email protected] Date: Sun,...

CVE-2002-1031

CVE-2002-1031 affects KeyFocus (KF) web server 1.0.2. The vulnerability permits remote attackers to list directories and read restricted files through an HTTP request containing a null byte (%00). The NVD analysis indicates network access with low attack complexity and no authentication, resultin...

Key Focus KF Web Server 1.0.8 - Directory Traversal

source: https://www.securityfocus.com/bid/6180/info KeyFocus KF Web Server is vulnerable to a directory traversal attack. This is due to the web server's inability to properly handle file names containing consecutive dot characters. By exploiting this vulnerability, an attacker is able to break o...

Key Focus KF Web Server 1.0.8 - Directory Traversal

Key Focus KF Web Server 1.0.8 - Directory Traversal source: https://www.securityfocus.com/bid/6180/info KeyFocus KF Web Server is vulnerable to a directory traversal attack. This is due to the web server's inability to properly handle file names containing consecutive dot characters. By exploitin...

KF Web Server version 1.0.2 shows file and directory content

KF Web Server version 1.0.2 shows file and directory content .oO Overview Oo. KF Web Server version 1.0.2 shows file and directory content Discovered on 2002, July, 2nd Vendor: KeyFocus http://www.keyfocus.net/kfws/ KF Web Server 1.0.2 is a free personal web server available for Windows...

Directory content leakage in KF Web Server

Invalid processing of 00 in URLs...

Key Focus KF Web Server 1.0.2 - Directory Contents Disclosure

source: https://www.securityfocus.com/bid/5177/info It has been reported that version 1.0.2 of KF Web Server discloses the contents of directories when a certain character is present in the URL. If a remote attacker appends the "%00" character, it will cause the web server to display the contents...

kf-1.2.txt

KF Web Server version 1.0.2 shows file and directory content .oO Overview Oo. KF Web Server version 1.0.2 shows file and directory content Discovered on 2002, July, 2nd Vendor: KeyFocus http://www.keyfocus.net/kfws/ KF Web Server 1.0.2 is a free personal web server available for Windows...