CVE-2025-15585
Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration...
SUSE CVE-2022-22736
If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default. This bug only affects Firefox for Windows in a non-default installation...
PT-2023-15288 · Unknown · Pandora Fms Console
Name of the Vulnerable Software and Affected Versions: Pandora FMS Console versions prior to v767 Description: The issue arises from a Reflected Cross Site Scripting vulnerability in the Search Functionality of the Module Library. This vulnerability is triggered by the forget password...
uvic.ca XSS vulnerability
Vulnerable URL: http://www.uvic.ca/library/search.php?q=%22%3E%3Csvg%2Fonload%3Dalert%28%2Fxssposed.org%2F%29%3E=4=1=true
Details:
Description | Value
---|---
Patched: | Yes, at 15.05.2017
Latest check for patch: | 15.05.2017 17:12 GMT
Vulnerability type: | XSS
Vulnerability status: | Publicly disclos...
proxychains-ng -- current path as the first directory for the library search path
Mamoru TASAKA reports: proxychains4 sets LD_PRELOAD to dlopen libproxychains4.so and execvp the arbitrary command user has specified. proxychains4 sets the current directory as the first path to search libproxychains4.so...
Mandrake Linux Security Advisory : ghostscript (MDKSA-2000:074)
The ghostscript package uses mktemp instead of mkstemp to create temporary files. It also uses improper LD_RUN_PATH values, which causes it to search for libraries in the current directory.
CVE-2001-1374
Summary (concrete details from connected documents): The vulnerability is in the expect utility prior to version 5.32, where it searches for its libraries in /var/tmp before other directories. A local attacker could exploit this by placing a Trojan horse library that mkpasswd would load, potentia...