5146 matches found
Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write
Summary WebCTRL®, Automated Logic's web-based building automation system, is known for its intuitive user interface and powerful integration capabilities. It allows building operators to optimize and manage all of their building systems - including HVAC, lighting, fire, elevators, and security -...
Cisco ASR 5000 Series Aggregated Services Routers StarOS Arbitrary File Write Vulnerability
Cisco ASR 5000 Series Aggregated Services Routers are the ASR 5000 Series Aggregated Services Router products from Cisco.StarOS is the set of operating systems that run on them. An arbitrary file write vulnerability exists in StarOS in Cisco ASR 5000 Series Aggregated Services Routers version...
Cisco Prime Collaboration Provisioning Tool Arbitrary File Write Vulnerability
Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication services capabilities for IP telephony, voice mail, and unified communications environments. upgradeManager is one of the upgrade manager...
Exploit for Open Redirect in Git-Scm Git
PoC exploit for CVE-2017-1000117, a vulnerability in the way Git handles submodule initialization. The target is Git, a vulnerability class/vector of arbitrary file write, probable entry point is the Git submodule initialization process, notable dependency is Git, and execution context is a Git...
OurPHP front Desk arbitrary file write
No description provided by source...
Synology Photo Station Directory Traversal Vulnerability (CNVD-2017-27714)
Synology Photo Station is an online photo album and blog owned and managed by DSM users. A directory traversal vulnerability exists in PixlrEditorHandler.php in Synology Photo Station, which can be exploited by remote attackers to write arbitrary files via path parameters...
File upload vulnerability in SchoolCMS backend SiteController.class.php
SchoolCMS is a school teaching management system based on PHP+MySQL. A file upload vulnerability exists in the SchoolCMS backend SiteController.class.php, due to the system Upload function not effectively filtering user-submitted data. A remote attacker can arbitrarily write files to gain web...
File upload vulnerability in SchoolCMS backend ThemeController.class.php
SchoolCMS is an open source faculty management system. SchoolCMS v2.3.1 version ThemeController.class.php and SiteController.class.ph Upload function in the file upload vulnerability, remote attackers can use the theme function in the background, to perform arbitrary file write operations to obta...
Cisco DPC3939 Firmware Arbitrary File Write Vulnerability
Cisco DPC3939 is a wireless voice gateway product from Cisco USA. A security vulnerability exists in the Cisco DPC3939 firmware. It allows a remote attacker to write arbitrary data to a known /var/tmp/sess path by exploiting the operation of the UI exploit mode device...
Pivotal Software Cloud Foundry cf-release and CAPI-release path traversal vulnerabilities
Pivotal Software Cloud Foundry CF is a suite of open source Platform-as-a-Service PaaS cloud computing platforms from Pivotal Software in the United States, which provides container scheduling, continuous delivery, and automated service deployment, among other capabilities. cf-release and...
DEBIAN-CVE-2015-7703
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration...
CVE-2015-7703
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration...
Nitro Pro PDF - Multiple Vulnerabilities
Vulnerabilities Summary The following advisory describes three vulnerabilities found in Nitro / Nitro Pro PDF. Nitro Pro is the PDF reader and editor that does everything you will ever need to do with PDF files. The powerful but snappy editor lets you change PDF documents with ease, and comes wit...
Code execution vulnerability in ThinkerCMS InputController.class.php
ThinkerPHP is based on thinkphp3.2 development of a rapid development system, which has excellent user experience, efficient development efficiency, simple and easy to get started, etc. ThinkerCMS is ThinkerPHP's content management system dedicated to small websites. A code execution vulnerabilit...
Puppet mcollective-sshkey-security plugin public key override vulnerability
puppet is a centralized configuration management system for Linux, Unix, and windows platforms , using its own puppet description language , you can manage configuration files , users , cron tasks , packages , system services and so on. A security vulnerability exists in the puppet...
DEBIAN-CVE-2015-8697
stalin 0.11-5 allows local users to write to arbitrary files...
UBUNTU-CVE-2015-8697
stalin 0.11-5 allows local users to write to arbitrary files...
HPE Intelligent Management Center dbman FileTrans Arbitrary File Write (CVE-2017-5822)
An arbitrary file write vulnerability has been reported in the dbman component of HPE Intelligent Management Center. The vulnerability is due to lack of authentication on FileTrans commands, used to transfer files to the host running dbman. A remote, unauthenticated attacker can exploit the...
Arbitrary File Write Vulnerability in Wolf CMS 0.8.3.1 Backend
Wolf CMS is a lightweight CMS program written in PHP. The latest version of Wolf CMS, version 0.8.3.1, has an arbitrary file write vulnerability in the backend, which can be exploited to create files with arbitrary suffixes and write arbitrary content. An attacker can use this vulnerability to...
Arbitrary File Write
thrushs is vulnerable to arbitrary file writes. Attackers are able to use thrushs to create files on a server...