VulnCheck KEV: CVE-2025-32818

A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service DoS condition...

CVE-2005-1678

Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code...

CVE-2005-1675

Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information...

SonicWall SonicOS DOS (SNWLID-2025-0009)

According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by a denial of service vulnerability stemming from the Virtual Office interface that could allow a remote, unauthenticated attacker to crash the firewall and initiating a Denial ...

EUVD-2005-1677

Malware in sbrugna...

EUVD-2006-3836

Malware in sbrugna...

EUVD-2005-1679

Malware in sbrugna...

EUVD-2005-1680

Malware in sbrugna...

EUVD-2005-1678

Malware in sbrugna...

SonicWALL SonicOS SSLVPN 代码问题漏洞

SonicWALL SonicOS SSLVPN is a virtual private network for secure remote access from SonicWALL USA. A code issue vulnerability exists in SonicWALL SonicOS SSLVPN that originates from a null pointer dereference in the SSLVPN virtual office interface, which could result in a denial of service...

CVE-2023-5970

Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated attacker to create an identical external domain user using accent characters, resulting in an MFA bypass...

virtualofficebrisbane.com.au Cross Site Scripting vulnerability OBB-3773255

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The future of compliance and data governance is here: Introducing Microsoft Purview

The worldwide shift to a hybrid workplace has pushed us all to embrace ubiquitous connectivity. Those new connections have helped us become more collaborative; routinely editing and sharing documents in real-time from wherever we happen to be working. Instant messaging went from being a tool of...

smartvirtualoffice.com.sg Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1170171 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

PHPB2B网站管理系统SQL注入#2(无视防注入)

简要描述： SQL注入2 详细说明： 注入链接：/virtual-office/brand.php 注入参数：databrand 漏洞代码：（第24行开始） if isset$POST'save' && !empty$companyid $company-newCheckStatus$companyinfo'status'; if!empty$POST'data''brand' $vals = $POST'data''brand'; ifisset$POST'id' $id = intval$POST'id'; $attachment-renamefile =...

PHPB2B某处sql注入#4

简要描述： PHPB2B某处sql注入4 详细说明： PHPB2B某处sql注入 官网下载的最新版本 virtual-office/news.php 73-80行 if isset$POST'del' $result = $companynews-del$POST'newsid', $conditions; if $result flash"success"; else flash"actionfailed"; post的数据传入del函数，跟入看看。 function del$ids, $conditions = null, $table = null $delid =...

PHPB2B某处sql注入#5

简要描述： PHPB2B某处sql注入5 详细说明： 官网下载的最新版本 PHPB2B某处sql注入 virtual-office/favor.php 25-45行 ifisset$POST'do' && isset$POST'id' //check limit $typeid = 1; $flimit = $pdb-GetOne$sql = "SELECT countid FROM $tbprefixfavorites WHERE typeid='".$typeid."' AND memberid=".$thememberid; if...

PHPB2B注入#3(绕过过滤)

简要描述： PHPB2B某处注入 绕过过滤。 官方最新版本. https://github.com/ulinke/phpb2b/archive/master.zip 详细说明： 1.注册企业会员。 2.注册企业会员且通过审核。 发布产品。 漏洞文件。virtual-office/product.php Content-Disposition: form-data; name="dataproductsortid" Content-Disposition: form-data; name="dataproductname" ... ... post提交:Content-Dispositio...

CVE-2007-6530

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function...

Groove Virtual Office XUpload ActiveX控件缓冲区溢出漏洞

Groove Virtual Office是一款协同办公处理文档的应用程序。 Groove Virtual Office包含的XUpload ActiveX控件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 XUpload ActiveX控件对"AddFolder"方法缺少正确的边界错误，构建恶意的WEB页，诱使用户访问，可触发缓冲区溢出，精心构建提交数据可能以应用程序进程权限执行任意指令。 Groove Virtual Office 3.x Office Groove 2007不受此漏洞影响：...