CVE-2015-5953

Cross-site scripting XSS vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " double quote character in a filename in a shared folder...

CVE-2015-5953

Cross-site scripting XSS vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " double quote character in a filename in a shared folder...

SynaMan 3.4 Build 1436 CSRF / Cross Site Scripting

Exploit Title: Multiple vulnerabilities in SynaMan 3.4 Build 1436 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: [email protected] Vendor Homepage: http://www.synametrics.com Software Link: http://web.synametrics.com/SynaManDownload.htm Version: 3.4 Build 143...

SynaMan 3.4 Build 1436 - Multiple Vulnerabilities

SynaMan 3.4 Build 1436 - Multiple Vulnerabilities Exploit Title: Multiple vulnerabilities in SynaMan 3.4 Build 1436 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: [email protected] Vendor Homepage: http://www.synametrics.com Software Link:...

SynaMan 3.4 Build 1436 - Multiple Vulnerabilities

Exploit Title: Multiple vulnerabilities in SynaMan 3.4 Build 1436 CSRF/Stored XSS Date: 07-05-2015 Exploit Author: Marlow Tannhauser Contact: [email protected] Vendor Homepage: http://www.synametrics.com Software Link: http://web.synametrics.com/SynaManDownload.htm Version: 3.4 Build 143...

EarthStation 5 Search Service Remote File Deletion Vulnerabililty

No description provided by source. source: http://www.securityfocus.com/bid/8753/info It has been reported that EarthStation 5 is prone to a file deletion vulnerability that may allow a remote attacker to delete arbitrary files on a vulnerable system. The problem is reported to exist in the Searc...

Synology DSM 4.3-3810 - Directory Traversal

Exploit for cgi platform in category web applications Title: Synology DSM multiple directory traversal Version affected: = 4.3-3810 Vendor: Synology Discovered by: Andrea Fabrizi Email: email protected Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: patched CVE: 2013-6987 I'm again...

CVE-2010-1820

Apple Filing Protocol AFP Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name...

SAP GUI (SAPGUI) — DLL hijacking

Application: SAP GUI Versions Affected: 6.4 — 7.2 Vendor URL: Bugs: DLL hijacking Exploits: YES Reported: 24.08.2010 Vendor response: 26.08.2010 Date of Public Advisory: 09.03.2011 CVE-number: Author: Alexey Sintsov, Alexandr Polyakov Description SAP Front End applications SAPGui.exe are vulnerab...

VMware Products Multiple Vulnerabilities (VMSA-2009-0005/VMSA-2009-0007)

VMware products installed on the remote host are reportedly affected by multiple vulnerabilities : - A vulnerability in the guest virtual device driver could allow an attacker to use the guest operating system to crash the host operating system. CVE-2008-3761 - A denial of service vulnerability...

[ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution

============================================= INTERNET SECURITY AUDITORS ALERT 2006-006 - Original release date: February 28, 2006 - Last revised: July 18th, 2008 - Discovered by: Jesus Olmos Gonzalez - Severity: 5/5 ============================================= I. VULNERABILITY...

SmbClientParser shell characters vulnerability

Shell characters vulnerability with shared folder names...

SmbClientParser 2.7 Perl Module - Remote Command Execution

source: https://www.securityfocus.com/bid/30290/info The SmbClientParser Perl module is prone to a remote command-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Successfully exploiting this issue will allow an attacker to execute arbitrary commands with the...

CVE-2008-1330

The CVE-2008-1330 issue affects Novell GroupWise for Windows (Windows client API) on GroupWise 7 (before SP3) and GroupWise 6.5 (before SP6 Update 3). The described fault occurs when handling shared folders, allowing remote authenticated users to access non-shared e-mail messages in a mailbox of ...

Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line

a. Host to guest shared folder HGFS traversal vulnerabilityOn Windows hosts, if you have configured a VMware host to guest shared folder HGFS, it is possible for a program running in the guest to gain access to the host's file system and create or modify executable files in sensitive locations...

Without the password you can also enter the shared folder-vulnerability warning-the black bar safety net

| ! --- Figure 1 ! --- If your colleaguesor leadership, huh? not too good at write down the long password that you do on your machine is he specifically assigned a no-password user, so the user just enter the username you can access you assign him resources? First right-click“My Computer”, then...

Проблемы в TrendMicro InterScan VirusWall (shared folder permissons)

При установке создается разделяемая папка, содержащая исполняемые файлы доступная всем пользователям на запись/изменение...