6 matches found
CVE-2024-50617
Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...
Security Bulletin: IBM Security QRadar EDR could allow Unauthorized File Retrieval via SMB (CVE-2024-45644)
Summary IBM Security QRadar EDR allows SMB file downloads, restricted to Administrator and Responder accounts. This behavior follows Windows OS defaults, and documentation will be updated to recommend NTLM restrictions and least privilege access controls. Vulnerability Details CVEID:CVE-2024-4564...
CVE-2020-11700
An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter fname, used on the page certs-x.php, would allow an attacker to retrieve the contents of arbitrary files. The user has to be authenticated before interacting with this page...
Luca Deri ntop 1.2 a7-9 Unauthorized File Retrieval Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1550/info ntop is a tool that shows the network usage, similar to what the popular top Unix command does. Starting ntop in web mode with the -w parameter starts ntop with it's own built in HTTP server, to allow remote...
Metainfo Sendmail 2.0/2.5,MetaIP 3.1
No description provided by source. source: http://www.securityfocus.com/bid/110/info MetaInfo www.metainfo.com puts out many NT service products, including MetaIP DHCP/DNS manager and Sendmail Unix port. Both products allow remote administration via Web UIs, and MetaIP uses Java to communicate ba...
Luca Deri ntop 1.2 a7-9 - Unauthorized File Retrieval
source: https://www.securityfocus.com/bid/1550/info ntop is a tool that shows the network usage, similar to what the popular top Unix command does. Starting ntop in web mode with the -w parameter starts ntop with it's own built in HTTP server, to allow remote access to the functions it provides...