[FD] FlexPaper <= 2.3.6 Remote Command Execution

2019-03-12 Thread redazione
Description: FlexPaper (https://www.flowpaper.com) is an open source project, released under GPL license, quite widespread over the internet. It provides document viewing functionalities to web clients, mobile and tablet devices. At least until 2014 the component has been actively

[FD] CVE-2019-9649 CoreFTP FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal

2019-03-12 Thread Kevin R
CVE-2019-9649 CoreFTP FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal Discovered By: Kevin Randall Summary: By utilizing a directory traversal along with the FTP MDTM command, an attacker can browse outside the root directory to determine if a file exists based on return file size

[FD] CVE-2019-9648 CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal

2019-03-12 Thread Kevin R
CVE-2019-9648 CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal Discovered By: Kevin Randall Summary: By utilizing a directory traversal along with the FTP SIZE command, an attacker can browse outside the root directory to determine if a file exists based on return file

Re: [FD] Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

2019-03-12 Thread Henri Salo
On Tue, Feb 05, 2019 at 04:25:25PM +0100, Tim Coen wrote: > https://security-consulting.icu/blog/2019/02/wordpress-contact-form-email-xss-csrf/ MITRE assigned CVE-2019-9646 for this vulnerability. -- Henri Salo

[FD] Microsoft Windows .Reg File / Dialog Box Message Spoofing Vulnerability

2019-03-12 Thread hyp3rlinx
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-.REG-FILE-DIALOG-BOX-MESSAGE-SPOOFING.txt [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] A file with the .reg file extension is a