5472 matches found
Joomla! Component com_oziogallery2 / IMAGIN - Arbitrary File Write
Exploit Title: Joomla component comoziogallery2 / IMAGIN arbitrary file write Date: 01-01-10 Author: Ubik and er Software Link: oziogallery.joomla.it / imagin.ro Version: all Disclaimer : all the information in this document is provided "as is", for educational purposes only. The authors will not...
DEBIAN-CVE-2009-4023
Argument injection vulnerability in the sendmail implementation of the Mail::Send method Mail/sendmail.php in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111...
PHP 5.3.0 pdflib Arbitrary File Write
No description provided by source. Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- ?php // Author : Sina Yazdanmehr R3d.W0rm ; Our Site : http://IrCrash.com if!extensionloaded'pdf' die'pdf extension requir...
PHP 5.3.0 pdflib Arbitrary File Write
Exploit for unknown platform in category local exploits ===================================== PHP 5.3.0 pdflib Arbitrary File Write ===================================== Title: PHP 5.3.0 pdflib Arbitrary File Write CVE-ID: OSVDB-ID: Author: Sina Yazdanmehr Published: 2009-11-06 Verified: yes view...
PHP 5.3.0 - pdflib Arbitrary File Write
PHP 5.3.0 - pdflib Arbitrary File Write Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- / if!isset$PATH,$VALUE die'/expl.php?p=pathuwantsavefile/filename&v=valueuwantsav einfile'; $IRCRASH = pdfnew;...
PHP 5.3.0 - 'pdflib' Arbitrary File Write
Description: ------------ Via this bug , attacker can save a file in path that not allowed in openbasedir . Reproduce code: --------------- / if!isset$PATH,$VALUE die'/expl.php?p=pathuwantsavefile/filename&v=valueuwantsav einfile'; $IRCRASH = pdfnew; pdfopenfile$IRCRASH,$PATH;...
T-HTB Manager 0.5 - Multiple Blind SQL Injections
Salvatore "drosophila" Fresta + Application: T-HTB Manager + Version: 0.5 + Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=MainPage + Bugs: A Multiple Blind SQL Injection + Exploitation: Remote + Date: 10 Sep 2009 + Discovered by: Salvatore Fresta aka drosophila +...
McAfee 3.6.0.608 Active-X Data Write
GOODFELLAS Security Research TEAM http://goodfellas.shellcode.com.ar Greetings to str0ke McAfee, Inc. 3.6.0.608 Policy Manager naPolicyManager.dll Arbitrary Data Write ============================================================================== Internal ID: VULWAR20090616. -----------...
php pear mail package arbitrary file write vulnerability-vulnerability warning-the black bar safety net
Vulnerability description: the PEAR is PHP's official open-source Class Library, PHP Extension and Application Repository abbreviations. PEAR the PHP application development process commonly used in the function written as a class library, the cover page was surface, database access, file...
CVE-2008-5625
PHP 5 before 5.2.7 does not enforce the errorlog safemode restrictions when safemode is enabled through a phpadminflag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "phpvalue errorlog" entry in a .htaccess file...
U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability
No description provided by source. U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan...
U-Mail Webmail 'edit.php' Arbitrary File Write Vulnerability
U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...
U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write
U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...
umail-filewrite.txt
U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...
WISE-FTP 4.15.5.8 - FTP Client LIST Directory Traversal
WISE-FTP 4.15.5.8 - FTP Client LIST Directory Traversal source: https://www.securityfocus.com/bid/29844/info WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write...
Moderate: Red Hat Security Advisory: tar security update
Updated tar package that fixes a path traversal flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that...
DEBIAN-CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . dot characters adjacent to 1 users and 2 users/members strings, which are removed by blacklisting functions that filter the...
CVE-2006-2958
FilZip 3.05 is affected by a directory traversal vulnerability that lets remote attackers write arbitrary files by exploiting a .. sequence in archive members with extensions .rar, .tar, .jar, or .gz. The impact is described as potential partial integrity impact and no confidentiality or availabi...
MDaemon Content Filter Traversal Arbitrary File Write
According to its banner, the version of MDaemon on the remote host is prone to a directory traversal flaw that can be exploited to overwrite files outside the application's quarantine directory provided MDaemon's attachment quarantine feature is enabled. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2005-0471
CVE-2005-0471 affects Sun Java JRE 1.1.x through 1.4.x. The vulnerability arises when the Java runtime writes temporary files with long filenames that become predictable on file systems using 8.3 short names, enabling remote attackers to write arbitrary files to known locations and potentially ex...