68 matches found
BulletProof FTP Server 2019.0.0.50 DNS Address / Storage-Path Denial Of Service
Exploit Title: BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-18 Vendor Homepage: http://bpftpserver.com/ Software Link: http://bpftpserver.com/products/bpftpserver/windows/download Tested Version: 2019.0.0.50 Tested...
GHSA-7RR7-RCJW-56VJ Exposure of Sensitive Information to an Unauthorized Actor in activestorage
A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...
CVE-2018-16477
CVE-2018-16477 describes a bypass vulnerability in Rails Active Storage (version >= 5.2.0) for Google Cloud Storage and the Disk service. The issue allows an attacker to modify the content-disposition and content-type parameters, enabling inline execution of HTML files. When combined with othe...
Exposure of Sensitive Information to an Unauthorized Actor
A bypass vulnerability in Active Storage for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie...
Bypass vulnerability in Active Storage
There is a vulnerability in Active Storage. This vulnerability has been assigned the CVE identifier CVE-2018-16477. Versions Affected: = 5.2.0 Not affected: 5.2.0 Fixed Versions: 5.2.1.1 Impact ------ Signed download URLs generated by ActiveStorage for Google Cloud Storage service and Disk servic...
The General meta build system upload vulnerability and fix-vulnerability warning-the black bar safety net
General yuan in the construction of the station system there upload vulnerability, you can directly upload any files, no filtering. The General meta build system website, there are upload points Access...
PDFs on IE8 Can Disclose User Path Info
Using Internet Explorer and a virtual PDF generator to print a PDF file from a HTML page causes the document’s entire storage path, for example file://C:UsersdabDownloadsdocument.pdf, to be stored in the document itself. Read the full article. The H Security...
Multiple Vulnerabilities In AMLServer
Strumpf Noir Society Advisories ! Public release ! -- -= Multiple Vulnerabilities In AMLServer =- Release date: Monday, June 18, 2001 Introduction: Air Messenger LAN Server is a paging gateway server for MS Windows that allows you to send and recieve messages to a paging network over a TCP/IP LAN...