5146 matches found
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10010 Arbitrary File Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...
ZYCHCMS V02 '/include/pager.asp' has an arbitrary file write vulnerability
ZYCHCMS is an enterprise website management system. An arbitrary file write vulnerability exists in ZYCHCMS V02 '/include/pager.asp'. The vulnerability allows attackers to write scripts to arbitrary files to gain server privileges...
ZYCHCMS V03 Arbitrary File Write Vulnerability in '/include/page.asp' File
ZYCHCMS is an enterprise website management system. ZYCHCMS V03 '/include/page.asp' file contains an arbitrary file write vulnerability. The vulnerability allows attackers to write scripts to arbitrary files to gain server privileges...
dpkg directory traversal vulnerability (CNVD-2017-06898)
dpkg is a suite management system developed specifically for Debian to facilitate the installation, update and removal of software. A directory traversal vulnerability exists in dpkg. dpkg's unpacking feature is vulnerable to a directory traversal vulnerability. A remote attacker can exploit this...
ZYCHCMS V04 Arbitrary File Write Vulnerability in /include/page.asp File
ZYCHCMS is an enterprise website management system. An arbitrary file write vulnerability exists in the ZYCHCMS V04 /include/page.asp file. The vulnerability allows attackers to write scripts to arbitrary files to gain server privileges...
YXCMS backend new template with SQL execution function has arbitrary file write vulnerability
Yxcms is an enterprise building system based on PHP and mysql technology. YXCMS backend new templates and SQL execution function has arbitrary file write vulnerability, attackers can exploit the vulnerability to write webshell, get server privileges...
CVE-2016-0727
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to...
Quest Privilege Manager 6.0.0 - Arbitrary File Write Exploit
Exploit for linux platform in category remote exploits !/usr/bin/env python2 """ Exploit Title: Quest Privilege Manager pmmasterd Arbitrary File Write Date: 10/Mar/2017 Exploit Author: m0t Vendor Homepage: https://www.quest.com/products/privilege-manager-for-unix/ Version: 6.0.0-27, 6.0.0-50 Test...
Quest Privilege Manager 6.0.0 - Arbitrary File Write
Quest Privilege Manager 6.0.0 - Arbitrary File Write !/usr/bin/env python2 """ Exploit Title: Quest Privilege Manager pmmasterd Arbitrary File Write Date: 10/Mar/2017 Exploit Author: m0t Vendor Homepage: https://www.quest.com/products/privilege-manager-for-unix/ Version: 6.0.0-27, 6.0.0-50 Tested...
Quest Privilege Manager 6.0.0 - Arbitrary File Write
!/usr/bin/env python2 """ Exploit Title: Quest Privilege Manager pmmasterd Arbitrary File Write Date: 10/Mar/2017 Exploit Author: m0t Vendor Homepage: https://www.quest.com/products/privilege-manager-for-unix/ Version: 6.0.0-27, 6.0.0-50 Tested on: ubuntu 14.04 x8664, ubuntu 16.04 x86, ubuntu 12....
WordPress Chat-Room Plugin Has Multiple Vulnerabilities
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up a personal blog site.Chat-Room is one of the chat room plug-ins. A directory traversal and arbitrary file write vulnerability exists i...
WordPress Chat-Room plugin v0.1.2 directory traversal/arbitrary file write Vulnerabilities
Exploit for php platform in category web applications Exploit Title: WordPress Chat-Room plugin v0.1.2 directory traversal/arbitrary file write Date: 2017-03-08 Exploit Author: malwrforensics Vendor Homepage: https://webdevstudios.com/ Software Link: https://wordpress.org/plugins/chat-room/...
Design_edittheme2.php Arbitrary File Write Vulnerability in Ohoo Government System
Ohuhu government system is the government portal system of Shanghai Ohuhu Network Technology Co. An arbitrary file write vulnerability exists in the designedittheme2.php file of the Ohuhu government system. This vulnerability allows attackers to write arbitrary files and gain server privileges...
CWCMS background admin/cw_skin.php page has arbitrary file write vulnerability
CWCMS is an enterprise website management system. An arbitrary file write vulnerability exists in the admin/cwskin.php page of the CwCMS-PHP enterprise website management system, allowing attackers to write arbitrary executable files and gain server privileges...
Rapid7 Metasploit Directory Traversal Vulnerability (CNVD-2017-02665)
Metasploit Pro is a guided penetration testing platform. A directory traversal vulnerability exists in the Meterpreter stdapi Dir.download function in versions of Rapid7 Metasploit prior to 4.13.0-2017020701. An attacker can exploit the vulnerability to write arbitrary files on the Metasploit...
CVE-2017-5229
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter extapi Clipboard.parsedump function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console...
CVE-2017-5228
All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi Dir.download function. By using a specially-crafted build of Meterpreter, it is possible to write to an arbitrary directory on the Metasploit console with the...
rubyzip gem Zip::File component directory traversal vulnerability
The rubyzip gem is a Ruby library for reading and writing zip files. A directory traversal vulnerability exists in the Zip::File component of the rubyzip gem. An attacker can exploit the vulnerability by uploading a malicious file to write an arbitrary file to the file system...
CVE-2017-5946
CVE-2017-5946 – Rubyzip directory traversal vulnerability : The Zip::File component of the rubyzip gem for Ruby (pre-1.2.1) allows a ZIP archive to write files outside the target directory when a ZIP upload contains paths with "..". This enables arbitrary file writes on the filesystem if a site p...
DEBIAN-CVE-2016-9956
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...