Code Injection in microweber/microweber

Description HTML Injection is a vulnerability in which the attacker can inject malicious html content in the webpage. Proof of Concept 1 Admin has enabled Comments module, so that people can comment on a blog post. 2 Attacker post the following comment: SOMETHING+SOMETHING Now, observe the change...

eFront <= 3.5.1 / build 2710 Remote Arbitrary Upload Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- eFront = 3.5.1 / build 2710: Remote File Inclusion Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- $ Program: eFront $ File affected: studentpage.php / professorpag...

efront-upload.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- eFront eNYe-Sec - www.enye-sec.org -- Description by the author's page -- eFront is an easy to use, visually attractive, SCORM compatible, eLearning and Human Capital Development system. It is suitable for both company and...

eFront 3.5.1 / build 2710 - Arbitrary File Upload

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- eFront eNYe-Sec - www.enye-sec.org -- Description by the author's page -- eFront is an easy to use, visually attractive, SCORM compatible, eLearning and Human Capital Development system. It is suitable for both company and...

MacOS X Finder '.DS_Store' Information Disclosure

MacOS X creates a hidden file SPDX-FileCopyrightText: 2001 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10756";...