2042 matches found
CVE-2008-0425
CVE-2008-0425 affects Frimousse 0.0.2, in explorerdir.php, via an absolute path traversal in the name parameter. This allows remote attackers to read arbitrary files and list directories. Public exploits are referenced (e.g., Exploit-DB link 4943). The provided documents do not include a remediat...
Debian: Security Advisory (DSA-1453-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-265)
The remote host is missing an update for the Debian...
CVE-2008-0184
CVE-2008-0184 affects Sys-Hotel on Line System, in the index.php file, where an absolute path traversal can occur via an encoded slash (%2F) in the file parameter, enabling remote reading of arbitrary files. The NVD entry lists a Network attack vector with Low complexity and no authentication...
Path traversal
Absolute path traversal vulnerability in index.php in Million Dollar Script 2.0.14 allows remote attackers to read arbitrary files via encoded "/" (%2F) sequences in the link parameter...
Debian DSA-1453-1 : tomcat5 - several vulnerabilities
Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2007-3382 It was discovered that single quotes ' in cookies were treated as a delimiter, which could lead to an...
DSA-1453-1 tomcat5 - several vulnerabilities
Bulletin has no description...
Debian DSA-1447-1 : tomcat5.5 - several vulnerabilities
Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2007-3382 It was discovered that single quotes ' in cookies were treated as a delimiter, which could lead to an...
CVE-2007-6623
CVE-2007-6623 describes an absolute path traversal vulnerability in ZeusCMS 0.3 and earlier. The issue allows remote attackers to list arbitrary directories by supplying a full pathname in the dir parameter. This is a server-side path disclosure risk that could enable traversal beyond intended di...
[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
Debian Security Advisory DSA-1447-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 03, 2008 http://www.debian.org/security/faq -...
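Joomla mosDirectory Component mosConfig_absolute_path Remote File Inclusion Vulnerability
Phil Taylor mosDirectory is a PHP-based web application. Phil Taylor mosDirectory does not properly filter user-submitted URI data, so a remote attacker can exploit the vulnerability to execute arbitrary PHP code with the privileges of the web server. The problem is that the script lacks filtering of user-submitted web parameters; supplying an arbitrary file on a remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web server. Phil Taylor mosDirectory 2.3.2. No solution is currently available: http://www.phil-taylor.com/...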
CVE-2007-6331
CVE-2007-6331 describes an absolute path traversal in the HPInfoDLL.HPInfo.1 ActiveX control (HPInfoDLL.dll 1.0) shipped with HP Info Center and the HP Quick Launch Button (QLB) software, up to version 6.3. The vulnerability allows remote attackers to execute arbitrary programs by passing a craft...
joomlajuser-rfi.txt
JUser Joomla Component 1.0.14 Remote File Include Vulnerability Component : comjuser version 1.0.14 - paid component Vendor : www.joomlaequipment.com Discovered by :...
Joomla! Component Carousel Flash Image Gallery - Remote File Inclusion
Joomla! Component Carousel Flash Image Gallery - Remote File Inclusion +By CrackersChild+ Script.......: Carousel Flash Image Gallery Joomla Component Download.....: http://justjoomla.net/joomla-components/carousel-flash-image-gallery.html Author.......: CrackersChild | [email protected] &...
Joomla! Component Carousel Flash Image Gallery - Remote File Inclusion
+By CrackersChild+ Script.......: Carousel Flash Image Gallery Joomla Component Download.....: http://justjoomla.net/joomla-components/carousel-flash-image-gallery.html Author.......: CrackersChild | [email protected] & [email protected] Class........: Remote File İnclude...
CVE-2007-5826
CVE-2007-5826 describes an absolute path traversal in the EDraw Flowchart ActiveX control (EDImage.ocx 2.0.2005.1104). The vulnerability allows remote attackers to create or overwrite arbitrary files with arbitrary contents by passing a full pathname as the second argument to the HttpDownloadFile...
CVE-2007-5815
This CVE describes an absolute path traversal in the WebCacheCleaner ActiveX control (version 1.3.0.3) used by SonicWall SSL-VPN. Affected products: SSL-VPN 200 before 2.1 and SSL-VPN 2000/4000 before 2.5. The vulnerability allows remote attackers to delete arbitrary files by passing a full pathn...
Directory traversal
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences...
CVE-2007-4829
The CVE-2007-4829 entry concerns a directory-traversal flaw in the Archive::Tar Perl module (versions
CVE-2007-4829
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences...