Lucene search
K

988 matches found

Packet Storm
Packet Storm
added 2013/09/10 12:0 a.m.28 views

Lua-Programming Language 1.6 File Upload

TITLE: Unauthenticated Remote File Upload via HTTP for lua-Programming language 1.6 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1 http://www.tayutec.com/indexen.html Description: "Please download...

7.4AI score
Exploits0
myhack58
myhack58
added 2013/04/09 12:0 a.m.17 views

kesioncms(news cms) 6. x to 8. x version getshell vulnerabilities attached to the use of the exp-bug warning-the black bar safety net

Not on the submitted parameter is determined, the result can be written to any file on the server... Wap/Plus/PhotoVote. asp 1 4 – 2 3 Dim KS:Set KS=New PublicCls Dim ID:ID = ReplaceKS. S“ID”,” “,”" Dim ChannelID:ChannelID=KS. G“ChannelID” If ChannelID=”" Then ChannelID=2 If the KS...

7.9AI score
Exploits0
OSV
OSV
added 2012/07/22 4:55 p.m.4 views

PYSEC-2012-38

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...

5.5CVSS6.9AI score0.02997EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2009/04/14 5:14 p.m.5 views

No title provided

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. dot dot sequences...

7.5CVSS7.2AI score0.04028EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2005/08/03 2:16 p.m.7 views

security flaw

optionsidentities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting XSS attacks, and write arbitrary files...

4.3CVSS5.8AI score0.04242EPSS
Exploits2References4
OSV
OSV
added 2005/05/02 4:0 a.m.6 views

UBUNTU-CVE-2005-1080

Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file...

5CVSS5.9AI score0.06717EPSS
Exploits1References4
securityvulns
securityvulns
added 2004/03/20 12:0 a.m.27 views

Samba 'smbprint' script tmpfile vulnerability.

Product: Samba 'smbprint' script. http://www.samba.org Versions: All versions, but manifesting in different ways. Bug: Symlink bug / tmpfile bug. Impact: Attacker's can write to arbitrary files, and in theory, elevate privileges unlikely Risk: LOW Date: March 19, 2004 Author: Shaun Colley Email:...

7AI score
Exploits0
OSV
OSV
added 2003/01/17 5:0 a.m.2 views

DEBIAN-CVE-2002-1395

Internet Message IM 141-18 and earlier uses predictable file and directory names, which allows local users to 1 obtain unauthorized directory permissions via a temporary directory used by impwagent, and 2 overwrite and create arbitrary files via immknmz...

2.1CVSS6.3AI score0.00371EPSS
Exploits0References1
Rows per page
Query Builder