The vulnerability of the NetCharts Server data visualization platform allows a hacker to write arbitrary files.

The vulnerability in the saveFile.jsp file of the NetCharts Server deployment tool exists due to an incorrect restriction on the path name for the restricted access directory. Exploiting this vulnerability allows a malicious actor to write any files they desire...

CGI RESCUE BloBee Arbitrary Code Execution Vulnerability

CGI RESCUE BloBee is a bulletin release software. A security vulnerability exists in CGI RESCUE BloBee that can be exploited by remote attackers to write to arbitrary files and execute arbitrary code...

Zarafa Collaboration Platform Local Arbitrary File Write Vulnerability

Zarafa Collaboration Platform is a suite of open source email and calendaring software. A security vulnerability in the provider/server/ECServer.cpp file of Zarafa Collaboration Platform allows a local attacker to write arbitrary files by performing a symbolic link attack on the...

PT-2020-7830 · Abrt +2 · Abrt +2

Name of the Vulnerable Software and Affected Versions: ABRT affected versions not specified Description: The issue allows local users to potentially write to arbitrary files or have other unspecified impact via a symlink attack on certain directories. Recommendations: At the moment, there is no...

Visual Mining NetChart Directory Traversal Vulnerability

Visual Mining NetChart is a suite of data visualization tools from Visual Mining USA. The tool supports the generation of data in the form of charts, graphs, and reports. A directory traversal vulnerability exists in the saveFile.jsp file in the development installer of Visual Mining NetChart. A...

GNU Parallel Arbitrary File Write Vulnerability

GNU Parallel is a set of shell tools developed by the GNU Project that can be used to parallelize the execution of jobs on a single or multiple machines. A security vulnerability exists in versions prior to GNU Parallel 20150522. When a program uses the --cat and --sshlogin commands or the --fifo...

UBUNTU-CVE-2015-1324

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root...

DEBIAN-CVE-2015-3306

The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands...

EasyCTF Arbitrary File Content Write Vulnerability

EasyCTF is a CGI program for scoring CTFs. EasyCTF has an unspecified security vulnerability that could be exploited by remote attackers to write arbitrary executable content to a file...

Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. The Cisco AnyConnect Secure Mobility Client has a security vulnerability in inter-process communication IPC that allows a local attacker to write and overwrite arbitrary files with elevated privileges...

Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability

A vulnerability in the inter-process communication IPC channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to write arbitrary files with elevated privileges. The vulnerability is due to lack of authentication or authorization of certain IPC commands. An...

KENT-WEB Joyful Note Arbitrary Code Execution Vulnerability

KENT-WEB Joyful Note is a suite of message board applications from the Japanese company KENT-WEB. A security vulnerability exists in KENT-WEB Joyful Note versions prior to 5.3. A remote attacker can exploit the vulnerability to delete or write arbitrary files and execute arbitrary code...

DEBIAN-CVE-2015-1589

Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. dot dot in a CHM file...

Rsync Arbitrary File Write Vulnerability

rsync is a data mirroring backup application for Unix-like systems developed by Australian software developers Andrew Tridgell and Paul Mackerras that synchronizes file and directory updates between two computers and uses differential encoding to reduce data transfers. An arbitrary file write...

齐博CMS某处任意文件写入getshell（需要一定权限）

简要描述： 一个二次操作造成的任意文件写入。需要一定权限，自评为鸡肋。作为一个诚实的孩子，是怎样就怎样，我会把问题说的很清楚以避免误会哦 详细说明： 只拿整站做说明，下载最新版本。 /inc/function.inc.php 1507行 //自定义内容页文件名缓存生成 function getshowhtmltype global $db,$pre,$Fiddb; $query = $db-query"SELECT aid,htmlname FROM $prearticle WHERE htmlname!=''"; while$rs = $db-fetcharray$query...

u5CMS 'u5admin/deletefile.php' directory traversal vulnerability

u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. A directory traversal vulnerability exists in the u5CMS...

UBUNTU-CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

VMware ESXi updates address security issues (VMSA-2015-0001)

VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-8370

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service arbitrary write to a file by modifying a configuration file...

WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00817)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...