420 matches found
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability
Document Title: =============== WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1498 Release Date: ============= 2015-05-18 Vulnerability Laboratory ID VL-ID: ==================================== 149...
WordPress Wise Search Widget Plugin <= 1.1 - Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability via "s" parameter. Solution Upgrade this plugin...
WordPress Wise Search Widget Plugin <= 1.1 - Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability via "s" parameter. Solution Upgrade this plugin...
Wise Search Widget 1.1 - s Parameter Reflected XSS
The Category Wise Search WordPress plugin was affected by a s Parameter Reflected XSS security vulnerability...
WordPress Wise Theme - Email Spoofing
Because of this vulnerability, the attackers can send email from your server without authorization. Solution Disable this theme...
WISE-FTP 4.1/5.5.8 FTP Client 'LIST' Command Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29844/info WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write arbitrary files to location...
CVE-2012-0293
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2012-0293
The CVE-2012-0293 issue affects Symantec Altiris WISE Package Studio prior to 8.0MR1, where multiple SQL injection vulnerabilities in the packaging/deployment application could allow remote attackers to execute arbitrary SQL commands via unspecified vectors. The root cause is SQL injection in the...
CVE-2012-0293
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Altiris WISE Package Studio SQL Injections
SUMMARY Symantecs Altiris WISE Package Studio is susceptible to SQL injection attacks. It is possible to execute arbitrary SQL queries on the backend database of a targeted system. AFFECTED PRODUCTS Product | Version | Build | Solution ---|---|---|--- Altiris WISE Package Studio | 8.0 and prior |...
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...
Wise Registry Cleaner DLL Hijacking Exploit (dwmapi.dll)
Exploit for windows platform in category local exploits ======================================================== Wise Registry Cleaner DLL Hijacking Exploit dwmapi.dll ======================================================== || || | || o,7 || . o7 || 4||| ow, : / /...
CVE-2008-2889
Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ dot dot backslash in a response to a LIST command, a related issue to CVE-2002-1345...
Directory traversal
Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ dot dot backslash in a response to a LIST command, a related issue to CVE-2002-1345...
CVE-2008-2889
The CVE-2008-2889 entry documents a directory traversal flaw in AceBIT WISE-FTP client (versions 4.1.0 and 5.5.8). The vulnerability enables remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, and is described as related to CVE-...
KLA10388 WLF vulnerability in AceBIT WISE-FTP
A directory traversal vulnerability was found in WISE-FTP. By exploiting this vulnerability malicious users can overwrite arbitrary files. This vulnerability can be exploited remotely via a specially designed response. Original advisories - Related products WISE-FTP CVE list CVE-2008-2889 high...
WISE-FTP 4.15.5.8 - FTP Client LIST Directory Traversal
WISE-FTP 4.15.5.8 - FTP Client LIST Directory Traversal source: https://www.securityfocus.com/bid/29844/info WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write...
CVE-2005-4697
The Microsoft Wireless Zero Configuration system WZCS allows local users to access WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll...
Advisory: WZCS vulnerabilities
Summary "The Wireless Zero Configuration system service enables automatic configuration for IEEE 802.11 wireless adapters for wireless communication." There are two closely related vulnerabilities: Once the "View Available Wireless Networks" dialogue box is opened the Pair-wise Master Keys of the...