Hi,
Vendor: Files.com
Product: Fat Client
Tested version: 3.3.6, but newer versions are highly likely also affected
Credit: Balazs Hambalko, IT Security Consultant
This vulnerability was identified and reported promptly to the vendor in
April 2020.
The answer was they do not see any risk here.
Anyway I

Hi,
Title: Authentication bypass via Improper Session Management
Product: RoundcubeMail
Tested version: 1.4.4 - 1.4.8
CVE: in progress
Credit: Balazs Hambalko, IT Security Consultant
Risk: The lack of proper session validation could lead an attacker to
access the victim user's emails.
Issue

Hi,
An issue was discovered in Gigamon GigaVUE 5.5.01.11.
The upload functionality allows an authenticated user to change the
filename value (in the POST method) from the original filename
to achieve directory traversal via a ../ sequence and, for example,
obtain a complete directory listing of th