EUVD-2007-5084

Malware in sbrugna...

DLL Hijacking Vulnerability in Kingsoft Wordsmith 2016 of Beijing Kingsoft Office Software Co.

Kingsoft Wordsmith provides English learning enthusiasts with online dictionaries, online translations, English learning materials, English songs and more. A DLL hijacking vulnerability exists in Kingsoft Wordsmith 2016 by Beijing Kingsoft Office Software Co. An attacker can exploit the...

DLL hijacking vulnerability exists in Kingsoft Wordsmith 2016 of Beijing Kingsoft Office Software Co. Ltd (CNVD-2021-10298)

Kingsoft Wordsmith provides English learning enthusiasts with online dictionaries, online translations, English learning materials, English songs and more. A DLL hijacking vulnerability exists in Kingsoft Wordsmith 2016 by Beijing Kingsoft Office Software Co. An attacker can exploit the...

Kingsoft Wordsmith 2016 (Windows client) suffers from a dll hijacking vulnerability

Kingsoft Wordsmith 2016 is a free translation software for personal users, and the new version has a great value, offering features such as live voice and on-screen word extraction. A dll hijacking vulnerability exists in Kingsoft Wordmaster 2016 Windows client. An attacker can exploit the...

Kingsoft Wordsmith Android app has multiple overstepping vulnerabilities

Kingsoft Wordsmith is a translation and learning software from Kingsoft Corporation. Kingsoft Wordmaster Android app has multiple overstepping vulnerabilities. Attackers can use this vulnerability to traverse other people's information and modify their avatars and nicknames...

Arbitrary Password Reset Vulnerability in Kingsoft Wordsmith Android App

Kingsoft Wordsmith is a translation and learning software from Kingsoft Corporation. An arbitrary password reset vulnerability exists in Kingsoft wordmaster android app. Due to a design flaw in the feature of changing cell phone number, an attacker can reset the password of another person by only...

Arbitrary User Password Reset Vulnerability in Kingsoft Wordsmith Android App

Kingsoft Wordsmith is a free translation and learning software from Kingsoft. Kingsoft wordmaster android app there is any user password reset vulnerability, the vulnerability arises from the change of password did not increase the verification of the old password due to the attacker can take...

CVE-2007-5103

Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the path parameter...

Immunity Canvas: WORDSMITH_INCLUDE

Name| wordsmithinclude ---|--- CVE| CVE-2007-5102 Exploit Pack| CANVAS Description| Wordsmith Remote file inclusion Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: Wordsmith CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5102 CVE Name: CVE-2007-5102...

Remote file inclusion

PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

CVE-2007-5102

PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

Directory traversal

Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the path parameter...

CVE-2007-5102

PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter...

CVE-2007-5103

The CVE-2007-5103 entry describes a directory traversal in Wordsmith 1.0 RC1’s config.inc.php when register_globals is on. An attacker can craft a .. payload in the _path parameter to cause inclusion and execution of local files. The vulnerability arises from insufficient validation of the path, ...

CVE-2007-5102

CVE-2007-5102 describes a PHP remote file inclusion in Wordsmith 1.0 RC1. When register_globals is enabled, an attacker can trigger arbitrary PHP code execution by supplying a URL in the _path parameter to config.inc.php. The vulnerability stems from unsafely including user-controlled input in th...

CVE-2007-5103

Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the path parameter...

wordsmith-rfi.txt

--==+=================== Electronic Security Team www.Yee7.com ====================+==-- --==+ WordSmith 1.0 RC1 config.inc.php Remote File Inclusion +==-- --==+================================================================================+==-- Software: WordSmith 1.0 RC1 SF page:...

Wordsmith 1.1b (config.inc.php _path) Remote File Inclusion Vuln

No description provided by source. --==+=================== Electronic Security Team www.Yee7.com ====================+==-- --==+ WordSmith 1.0 RC1 config.inc.php Remote File Inclusion +==-- --==+================================================================================+==-- Software:...

Wordsmith 1.1b - 'config.inc.php?_path' Remote File Inclusion

--==+=================== Electronic Security Team www.Yee7.com ====================+==-- --==+ WordSmith 1.0 RC1 config.inc.php Remote File Inclusion +==-- --==+================================================================================+==-- Software: WordSmith 1.0 RC1 SF page:...

Wordsmith 1.1b (config.inc.php _path) Remote File Inclusion Vuln

Exploit for unknown platform in category web applications ================================================================ Wordsmith 1.1b config.inc.php path Remote File Inclusion Vuln ================================================================ --==+=================== Electronic Security Te...