Lucene search

76 matches found

Vulnrichment
added 2023/06/06 2:12 p.m., 7 views

CVE-2023-30948 Retrieval of Attachments to Comments lacks Authorization

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover its conten...

CVSS 6.5, AI score 6.4, EPSS 0.00254
Exploits 0, References 1

CVE
added 2023/06/06 2:12 p.m., 26 views

CVE-2023-30948

Foundry Comments contains a vulnerability where attachments to comments were not gated by authorization checks, allowing an authenticated user to inject a known attachment UUID into other comments to view its content. Affected products: Foundry Comments versions prior to 2.249.0. Root cause: miss...

CVSS 6.5, AI score 6.4, EPSS 0.00254
Exploits 0, References 1, Affected Software 1

Cvelist
added 2023/06/06 2:12 p.m., 12 views

CVE-2023-30948 Retrieval of Attachments to Comments lacks Authorization

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover its conten...

CVSS 6.5, AI score 6.6, EPSS 0.00254
Exploits 0, References 1

IBM Security Bulletins
added 2022/06/01 1:5 p.m., 18 views

Security Bulletin: Vulnerability in IMS™ Enterprise Suite: IMS Data Provider for Microsoft .NET

Summary Security defect. Vulnerability Details CVEID: CVE-2016-2887 DESCRIPTION: IBM IMS Enterprise Suite security defect affecting .NET application. CVSS Base Score: 4.2 CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113018 for the current score CVSS Environmental...

CVSS 8.1, AI score 1.3, EPSS 0.00154
Exploits 0, Affected Software 1

NVD
added 2019/01/16 8:29 p.m., 12 views

CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

CVSS 7.5, AI score 7.5, EPSS 0.6453
Exploits 0, References 14

exploitpack
added 2018/03/02 12:0 a.m., 17 views

antMan 0.9.1a - Authentication Bypass

antMan 0.9.1a - Authentication Bypass Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POS...

AI score 0.5
Exploits 0

Exploit DB
added 2016/03/30 12:0 a.m., 55 views

Kamailio 4.3.4 - Heap Buffer Overflow

census ID: census-2016-0009; CVE ID: CVE-2016-2385; Affected Products: Kamailio 4.3.4 and possibly previous versions; Class: Heap-based Buffer Overflow (CWE-122); Remote: Yes; Discovered by: Stelios Tsampas. Kamailio (successor of former OpenSER and SER) is an Open Source SIP Server released under GPL, abl...

CVSS 10, AI score 9.8, EPSS 0.225
Exploits 4

Samba
added 2015/12/16 12:0 a.m., 514 views

Insufficient symlink verification in smbd.

Description All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to a bug in symlink verification, which under certain circumstances could allow client access to files outside the exported share path. If a Samba share is configured with a path that shares a common path prefix with...

CVSS 7.2, AI score 6.7, EPSS 0.17333
Exploits 1

RedHat Linux
added 2015/03/09 1:39 p.m., 1 views

qpid-cpp: anonymous access to qpidd cannot be prevented

It was discovered that the Qpid daemon qpidd did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed...

CVSS 5, AI score 5.8, EPSS 0.02275
Exploits 0, References 4

seebug.org
added 2014/07/01 12:0 a.m., 12 views

BSD bmon <= 1.2.1_2 - Local Exploit

No description provided by source. #!/usr/local/bin/bash Written by Idan Nahoum. [email protected] Local exploit for FreeBSD/OpenBSD with bmon 1.2.1_2 installed. When bmon is executed with the -n parameter it popens netcat but fails to provide an absolute path. Some BSDs are configured with ACLs that...

AI score 7.1
Exploits 0

myhack58
added 2011/12/22 12:0 a.m., 13 views

Joomla component(com_dshop) SQL injection flaws and fixes-vulnerability warning-the black bar safety net

Title: Joomla Component comdshop SQL Injection Vulnerability Author: CoBRa21 www.badguest.cn uykucu at windowslive.com Level: high risk SQL defects http://www.badguest.cn /PATH/index. php? option=comdshop&controller=fpage&task=flypage&idofitem=1 2 SQL Test example...

AI score 1.2
Exploits 0

myhack58
added 2011/01/22 12:0 a.m., 12 views

HDWiKi V 5.0 local contains 0Day-vulnerability warning-the black bar safety net

Vulnerable file: \install\install.php Key code: ? php errorreportingEERROR | EWARNING | EPARSE; define'INHDWIKI', TRUE; define'HDWIKIROOT', '../'; $langname=$COOKIE'langname';/langname without any filter,direct from the Cookies deposited in langname/ ifisset$REQUEST'lang' / Detect whether the variable is...

AI score 7.5
Exploits 0

myhack58
added 2010/12/24 12:0 a.m., 17 views

web Thunder remote arbitrary file reading vulnerability-vulnerability warning-the black bar safety net

Web Thunder has design and implementation problems that allow a malicious attacker to read any file on the machine of a user who has Web Thunder installed. Web Thunder runs a web server on the local machine, bound to 0.0.0.0, while the web request processing is not...

AI score 0.9
Exploits 0

FreeBSD
added 2010/10/25 12:0 a.m., 79 views

YUI JavaScript library -- JavaScript injection exploits in Flash components

The YUI team reports: A security-related defect was introduced in the YUI 2 Flash component infrastructure beginning with the YUI 2.4.0 release. This defect allows JavaScript injection exploits to be created against domains that host affected YUI .swf files...

CVSS 4.3, AI score 6.7, EPSS 0.02934
Exploits 0, References 4

securityvulns
added 2006/03/30 12:0 a.m., 30 views

[SECURITY] Samba 3.0.21-3.0.21c: Exposure of machine account credentials in winbindd log files

Subject: Exposed clear text of domain machine account password in debug logs (log level = 5). CVE ID: CAN2006-1059. Versions: Samba 3.0.21 - 3.0.21c inclusive...

AI score 7.3
Exploits 0

CVE
added 1976/01/01 12:0 a.m., 4 views

CVE-2026-6050

This CVE entry is rejected/not used and does not represent an active vulnerability.

AI score 5.8
Exploits 0