230 matches found

RedHat Linux
added 2011/07/27 2:49 p.m. · 1 view

icedtea-web: home directory path disclosure to untrusted applications

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader...

CVSS 5 · AI score 5.9 · EPSS 0.02497
Exploits 0 · References 4

Prion
added 2011/04/10 2:51 a.m. · 10 views

Improper access control

PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain backup SQL files via a direct request for predictable filenames in cache/backup/...

CVSS 5 · AI score 7.4 · EPSS 0.02536
Exploits 1 · References 3 · Affected Software 1

FreeBSD
added 2011/03/28 12:0 a.m. · 37 views

gdm -- privilege escalation vulnerability

Sebastian Krahmer reports: It was discovered that the GNOME Display Manager gdm cleared the cache directory, which is owned by an unprivileged user, with the privileges of the root user. A race condition exists in gdm where a local user could take advantage of this by writing to the cache directo...

CVSS 6.9 · AI score 3.9 · EPSS 0.00376
Exploits 0 · References 2

0day.today
added 2009/12/16 12:0 a.m. · 21 views

VideoCache 1.9.2 vccleaner root vulnerability

Exploit for unknown platform in category local exploits. VideoCache 1.9.2 vccleaner root vulnerability. Title: VideoCache 1.9.2 vccleaner root vulnerability CVE-ID: OSVDB-ID: Author: Dominick LaTrappe...

AI score 6.8
Exploits 0

seebug.org
added 2009/12/16 12:0 a.m. · 10 views

VideoCache 1.9.2 vccleaner root vulnerability

No description provided by source. SYNOPSIS: VideoCache is a Squid URL rewriter plugin written in Python for bandwidth optimization while browsing video sharing websites. Version 1.9.2 allows a user with the privileges of the Squid proxy...

AI score 7.1
Exploits 0

0day.today
added 2009/10/28 12:0 a.m. · 33 views

Oscailt CMS 3.3 Local File Inclusion

Exploit for unknown platform in category web applications. Oscailt CMS 3.3 Local File Inclusion. Oscailt 3.3 CMS. Download: http://sourceforge.net/projects/oscailt/ Bug: Local File Inclusion in index.php file! Poc:...

AI score 7.1
Exploits 0

seebug.org
added 2009/10/03 12:0 a.m. · 17 views

FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution vulnerability exploit

No description provided by source. ?php / Author: Giuseppe Zmax Fuggiano giuseppedotfuggianoatgmaildotcom Description: FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution vulnerability exploit fp-includes/core/core.users.php. This code posts a crafted comment with a very simp...

AI score 7.1
Exploits 0

Prion
added 2008/05/01 7:5 p.m. · 13 views

Path traversal

Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory...

CVSS 5 · AI score 7.2 · EPSS 0.05205
Exploits 0 · References 11 · Affected Software 1

UbuntuCve
added 2008/05/01 7:5 p.m. · 19 views

CVE-2008-2045

Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory...

CVSS 5 · AI score 6 · EPSS 0.05205
Exploits 0 · References 1

Cvelist
added 2008/05/01 6:0 p.m. · 17 views

CVE-2008-2045

Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory...

AI score 6.6 · EPSS 0.05205
Exploits 0 · References 11

seebug.org
added 2008/04/30 12:0 a.m. · 55 views

SugarCRM Community Edition RSS Module Information Disclosure Vulnerability

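BUGTRAQ ID: 28981 SugarCRM is an open-source customer relationship management system. SugarCRM does not properly validate input to the RSS module before using it to generate cache files in the cache/feeds directory, so a remote attacker may be able to exploit this vulnerability to create files on the system. The RSS module allows SugarCRM users to add RSS feeds to a personal RSS list, but it does not properly filter the value of the URL variable, so a user can enter an arbitrary URI value. In that case SugarCRM may be unable to display the new RSS feed in the list, but the application creates a local file in the cache/feeds directory, using the md5 hash of the entered URL as the filename. SugarCRM SugarCRM Community Edition 5.0 SugarC...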

AI score 6.9
Exploits 0

OpenVAS
added 2008/01/17 12:0 a.m. · 13 views

Debian Security Advisory DSA 811-2 (common-lisp-controller)

The remote host is missing an update to common-lisp-controller announced via advisory DSA 811-2. The bugfix for the problem mentioned below contained an error that caused third party programs to fail. The problem is corrected by this update. For completeness we're including the original advisory...

CVSS 4.6 · AI score 6.5 · EPSS 0.0036
Exploits 0

OpenVAS
added 2008/01/17 12:0 a.m. · 11 views

Debian Security Advisory DSA 811-1 (common-lisp-controller)

The remote host is missing an update to common-lisp-controller announced via advisory DSA 811-1. Francois-Rene Rideau discovered a bug in common-lisp-controller, a Common Lisp source and compiler manager, that allows a local user to compile malicious code into a cache directory which is executed ...

CVSS 4.6 · AI score 6.4 · EPSS 0.0036
Exploits 0 · References 2

OSV
added 2005/11/21 12:0 a.m. · 14 views

DSA-811-2 common-lisp-controller - design error

Bulletin has no description...

CVSS 4.6 · AI score 6.1 · EPSS 0.0036
Exploits 0

Cvelist
added 2005/10/23 4:0 a.m. · 19 views

CVE-2005-3287

Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested from the cache director...

AI score 7 · EPSS 0.00968
Exploits 0 · References 1

Cvelist
added 2005/10/23 4:0 a.m. · 19 views

CVE-2005-3288

Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message...

AI score 7 · EPSS 0.01309
Exploits 0 · References 1

Positive Technologies
added 2005/10/23 12:0 a.m. · 3 views

PT-2005-4099 · Ftgate · Mailsite Express

Name of the Vulnerable Software and Affected Versions: Mailsite Express affected versions not specified Description: The issue allows remote attackers to upload and execute files with executable extensions, such as ASP, by utilizing the compose page feature. Attackers can attach the file and then...

CVSS 5 · AI score 6.7 · EPSS 0.01309
Exploits 0 · References 2

UbuntuCve
added 2005/09/16 10:3 p.m. · 23 views

CVE-2005-2657

Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before...

CVSS 4.6 · AI score 6.2 · EPSS 0.0036
Exploits 0 · References 1

NVD
added 2005/09/16 10:3 p.m. · 19 views

CVE-2005-2657

Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before...

CVSS 4.6 · AI score 6.7 · EPSS 0.0036
Exploits 0 · References 4

Cvelist
added 2005/09/16 4:0 a.m. · 31 views

CVE-2005-2657

Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before...

AI score 6.6 · EPSS 0.0036
Exploits 0 · References 4