8 matches found
CVE-2025-69906
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical server configurations, this can allow an attacker to...
EUVD-2025-206862
Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical server configurations, this can allow an attacker to...
CVE-2023-46181
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686...
CVE-2023-23469
IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504...
The vulnerability of Google Chrome’s web storage mechanism, which allows a hacker to circumvent existing security restrictions
The vulnerability of Google Chrome browser-based web storage is caused by synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions remotely...
Security Bulletin: IBM Security Key Lifecycle Manager is affected by exposure of sensitive information to be cached by browser (CVE-2016-6097)
Summary IBM Security Key Lifecycle Manager allows web pages containing sensitive information to be cached by a browser. As a result this information will be stored unsafely for an indefinite amount of time on the user's hard drive. Attackers with local access or malware installed on the user's...
HTML5 browser exploit can flood your Hard Drive with junk data
Feross Aboukhadijeh, 22-year-old Web developer from Stanford has discovered HTML5 browser exploit can flood your Hard Drive with Cat and Dogs i.e junk data. Many times a website needs to leave a little data i.e 5-10KB on your computer like a cookie, but HTML5 allow sites to store larger amounts o...
[Kil13r-SA-20060606] ESTsoft InternetDISK Arbitary Code Execution Vulnerability
Title: Kil13r-SA-20060606 ESTsoft InternetDISK Arbitary Code Execution Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/04/19 - Discovery 2006/04/19 - Vendor notification 2006/04/20 - Vendor response 2006/04/20 - Vendor patch release 2006/05/10 - Vendor...