Lucene search
+L

68 matches found

Packet Storm
Packet Storm
added 2019/05/20 12:0 a.m.119 views

BulletProof FTP Server 2019.0.0.50 DNS Address / Storage-Path Denial Of Service

Exploit Title: BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-18 Vendor Homepage: http://bpftpserver.com/ Software Link: http://bpftpserver.com/products/bpftpserver/windows/download Tested Version: 2019.0.0.50 Tested...

0.5AI score
Exploits0
OSV
OSV
added 2018/12/05 5:17 p.m.11 views

GHSA-7RR7-RCJW-56VJ Exposure of Sensitive Information to an Unauthorized Actor in activestorage

A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...

6.5CVSS6.3AI score0.01311EPSS
Exploits1References4
CVE
CVE
added 2018/11/30 7:0 p.m.95 views

CVE-2018-16477

CVE-2018-16477 describes a bypass vulnerability in Rails Active Storage (version >= 5.2.0) for Google Cloud Storage and the Disk service. The issue allows an attacker to modify the content-disposition and content-type parameters, enabling inline execution of HTML files. When combined with othe...

6.5CVSS6.2AI score0.01311EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2018/11/30 12:0 a.m.50 views

Exposure of Sensitive Information to an Unauthorized Actor

A bypass vulnerability in Active Storage for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as cookie...

6.5CVSS1.9AI score0.01311EPSS
Exploits1References3Affected Software1
RubySec
RubySec
added 2018/11/27 12:0 a.m.17 views

Bypass vulnerability in Active Storage

There is a vulnerability in Active Storage. This vulnerability has been assigned the CVE identifier CVE-2018-16477. Versions Affected: = 5.2.0 Not affected: 5.2.0 Fixed Versions: 5.2.1.1 Impact ------ Signed download URLs generated by ActiveStorage for Google Cloud Storage service and Disk servic...

6.5CVSS3.1AI score0.01311EPSS
Exploits1References1Affected Software1
myhack58
myhack58
added 2012/12/12 12:0 a.m.33 views

The General meta build system upload vulnerability and fix-vulnerability warning-the black bar safety net

General yuan in the construction of the station system there upload vulnerability, you can directly upload any files, no filtering. The General meta build system website, there are upload points Access...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2009/11/25 3:53 p.m.12 views

PDFs on IE8 Can Disclose User Path Info

Using Internet Explorer and a virtual PDF generator to print a PDF file from a HTML page causes the document’s entire storage path, for example file://C:UsersdabDownloadsdocument.pdf, to be stored in the document itself. Read the full article. The H Security...

Exploits0References2
securityvulns
securityvulns
added 2001/06/19 12:0 a.m.63 views

Multiple Vulnerabilities In AMLServer

Strumpf Noir Society Advisories ! Public release ! -- -= Multiple Vulnerabilities In AMLServer =- Release date: Monday, June 18, 2001 Introduction: Air Messenger LAN Server is a paging gateway server for MS Windows that allows you to send and recieve messages to a paging network over a TCP/IP LAN...

Exploits0
Rows per page
Query Builder