SolarWinds Serv-U FTP Server versions through 15.2.1 do not correctly sanitize and validate the user-supplied directory names, allowing malicious users to create directories that when clicked on (in the breadcrumb menu) will trigger cross site scripting payloads.
7b4d92cd96ecbdf9bbfd42665ba4d3b8SolarWinds Serv-U File Server versions through 15.2.1 do not correctly validate path information, allowing the disclosure of files and directories outside of the user's home directory via a specially crafted GET request.
bcff8e686a6d68a1e71f68016c03b076Apple Security Advisory 2021-02-09-1 - macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 address code execution and out of bounds write vulnerabilities.
8d1bfb10d55eb1550d949aa299d02051Ubuntu Security Notice 4734-1 - It was discovered that wpa_supplicant did not properly handle P2P group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. Various other issues were also addressed.
be6482b8e15c1151887efd102bd3eefaSchool Event Attendance Monitoring System version 1.0 suffers from a persistent cross site scripting vulnerability.
e38bf1e1b8f3d3614dee59902abcac89This whitepaper is a cheatsheet that goes over various methods of port forwarding and tunnelling of traffic.
2c5dc5ee3665fdf16ae57eab041dab65School File Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.
e95f6c5ef1e9855e28f54b29426562bbPDFCOMPLETE Corporate Edition version 4.1.45 suffers from an unquoted service path vulnerability.
e6035e1423b7a428aa02a8fca6c07ac8
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed