CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

Design/Logic Flaw

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

CVE-2022-34002

The ‘document’ parameter of PDS Vista 7’s /application/documents/display.aspx page is vulnerable to a Local File Inclusion vulnerability which allows an low-privileged authenticated attacker to leak the configuration files and source code of the web application...

CVE-2022-34002

The CVE-2022-34002 issue affects PDS Vista 7 and concerns a Local File Inclusion vulnerability in the /application/documents/display.aspx endpoint, specifically the document parameter. A low-privileged authenticated attacker could leak configuration files and source code of the web application. A...

Assura Personnel Data Systems Vista 7 路径遍历漏洞

Assura Personnel Data Systems Vista 7 PDS Vista 7 is a generic tax program from Assura. A security vulnerability in the External Applicants Security Hotfix XA client for Assura Personnel Data Systems Vista 7 versions prior to 7.1.7.2, which stems from improperly restricting pathnames to restricte...

Path traversal

In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid...

Aloaha Credential Provider Monitor 5.0.226 Privilege Escalation

Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulnerability Vendor: Aloaha Software - Wrocklage Intermedia GmbH Product web page: http://www.aloaha.com Affected version: 5.0.226 Summary: Aloaha Credential Provider represents one of the most dramatic changes in the Windows...

IBM Lotus iNotes dwa85W ActiveX Buffer Overflow Vulnerability

This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "AttachmentTimes" property, due to the insecure usage of the swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNote...

Windows Vista/7 SMB2.0 Negotiate Protocol Request Remote BSOD Vuln

No description provided by source. ============================================= - Release date: September 7th, 2009 - Discovered by: Laurent Gaffié - Severity: High ============================================= I. VULNERABILITY ------------------------- Windows Vista, Server 2008 R2, 7 RC :...