988 matches found
Lua-Programming Language 1.6 File Upload
TITLE: Unauthenticated Remote File Upload via HTTP for lua-Programming language 1.6 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1 http://www.tayutec.com/indexen.html Description: "Please download...
kesioncms(news cms) 6. x to 8. x version getshell vulnerabilities attached to the use of the exp-bug warning-the black bar safety net
Not on the submitted parameter is determined, the result can be written to any file on the server... Wap/Plus/PhotoVote. asp 1 4 – 2 3 Dim KS:Set KS=New PublicCls Dim ID:ID = ReplaceKS. S“ID”,” “,”" Dim ChannelID:ChannelID=KS. G“ChannelID” If ChannelID=”" Then ChannelID=2 If the KS...
PYSEC-2012-38
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
No title provided
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. dot dot sequences...
security flaw
optionsidentities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting XSS attacks, and write arbitrary files...
UBUNTU-CVE-2005-1080
Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file...
Samba 'smbprint' script tmpfile vulnerability.
Product: Samba 'smbprint' script. http://www.samba.org Versions: All versions, but manifesting in different ways. Bug: Symlink bug / tmpfile bug. Impact: Attacker's can write to arbitrary files, and in theory, elevate privileges unlikely Risk: LOW Date: March 19, 2004 Author: Shaun Colley Email:...
DEBIAN-CVE-2002-1395
Internet Message IM 141-18 and earlier uses predictable file and directory names, which allows local users to 1 obtain unauthorized directory permissions via a temporary directory used by impwagent, and 2 overwrite and create arbitrary files via immknmz...