5261 matches found
GNU Parallel Arbitrary File Write Vulnerability
GNU Parallel is a set of shell tools developed by the GNU Project that can be used to parallelize the execution of jobs on a single or multiple machines. A security vulnerability exists in versions prior to GNU Parallel 20150522. When a program uses the --cat and --sshlogin commands or the --fifo...
UBUNTU-CVE-2015-1324
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root...
DEBIAN-CVE-2015-3306
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands...
EasyCTF Arbitrary File Content Write Vulnerability
EasyCTF is a CGI program for scoring CTFs. EasyCTF has an unspecified security vulnerability that could be exploited by remote attackers to write arbitrary executable content to a file...
Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability
The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. The Cisco AnyConnect Secure Mobility Client has a security vulnerability in inter-process communication IPC that allows a local attacker to write and overwrite arbitrary files with elevated privileges...
Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability
A vulnerability in the inter-process communication IPC channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to write arbitrary files with elevated privileges. The vulnerability is due to lack of authentication or authorization of certain IPC commands. An...
KENT-WEB Joyful Note Arbitrary Code Execution Vulnerability
KENT-WEB Joyful Note is a suite of message board applications from the Japanese company KENT-WEB. A security vulnerability exists in KENT-WEB Joyful Note versions prior to 5.3. A remote attacker can exploit the vulnerability to delete or write arbitrary files and execute arbitrary code...
DEBIAN-CVE-2015-1589
Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. dot dot in a CHM file...
Rsync Arbitrary File Write Vulnerability
rsync is a data mirroring backup application for Unix-like systems developed by Australian software developers Andrew Tridgell and Paul Mackerras that synchronizes file and directory updates between two computers and uses differential encoding to reduce data transfers. An arbitrary file write...
齐博CMS某处任意文件写入getshell(需要一定权限)
简要描述: 一个二次操作造成的任意文件写入。需要一定权限,自评为鸡肋。作为一个诚实的孩子,是怎样就怎样,我会把问题说的很清楚以避免误会哦 详细说明: 只拿整站做说明,下载最新版本。 /inc/function.inc.php 1507行 //自定义内容页文件名缓存生成 function getshowhtmltype global $db,$pre,$Fiddb; $query = $db-query"SELECT aid,htmlname FROM $prearticle WHERE htmlname!=''"; while$rs = $db-fetcharray$query...
u5CMS 'u5admin/deletefile.php' directory traversal vulnerability
u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. A directory traversal vulnerability exists in the u5CMS...
UBUNTU-CVE-2014-9512
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...
VMware ESXi updates address security issues (VMSA-2015-0001)
VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8370
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service arbitrary write to a file by modifying a configuration file...
WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00815)
The Pixabay Images plugin is a plugin that supports the insertion of selected CC0 public domain photos from Pixabay an image material sharing network anywhere in the blog. An arbitrary file write vulnerability exists in versions of the WordPress plugin Pixabay Images prior to 2.4, which allows...
WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00817)
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...
WordPress Plugin Pixabay Images Directory Traversal Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...
UBUNTU-CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196...
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
a. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. The vulnerability does not allow for privilege...
VMSA-2015-0001:VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
VMSA-2015-0001.2 VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0001.2 VMware Security Advisory Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates...