Lucene search
K

58 matches found

Prion
Prion
added 2012/12/13 11:53 a.m.24 views

Directory traversal

Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to 1 read, 2 delete, or 3 create files, or 4 list directories, via a ..%5C encoded dot dot backslash in a URI...

8.5CVSS6.9AI score0.04553EPSS
Exploits4References1Affected Software1
Cvelist
Cvelist
added 2012/12/13 11:0 a.m.24 views

CVE-2012-4991

Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to 1 read, 2 delete, or 3 create files, or 4 list directories, via a ..%5C encoded dot dot backslash in a URI...

6.4AI score0.04553EPSS
Exploits4References1
OSV
OSV
added 2012/11/21 11:55 p.m.3 views

DEBIAN-CVE-2012-3513

munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command...

9.3CVSS7.1AI score0.02368EPSS
Exploits1References1
NVD
NVD
added 2012/06/21 11:55 p.m.24 views

CVE-2010-4250

Memory leak in the inotifyinit1 function in fs/notify/inotify/inotifyuser.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service memory consumption via vectors involving failed attempts to create files...

4.9CVSS5.8AI score0.00756EPSS
Exploits0References5
Cvelist
Cvelist
added 2010/08/16 7:0 p.m.20 views

CVE-2010-3028

The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions 777 in unspecified folders, which allows local users to modify, create, or delete certain files...

6.4AI score0.00307EPSS
Exploits0References5
Prion
Prion
added 2010/08/02 8:40 p.m.12 views

Directory traversal

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

6.5CVSS6.7AI score0.01806EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2010/08/02 8:40 p.m.15 views

CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...

6.5CVSS6.5AI score0.01806EPSS
Exploits0References11
NVD
NVD
added 2010/07/06 5:17 p.m.13 views

CVE-2010-2251

The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted...

7.5CVSS7.2AI score0.03629EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2010/06/07 5:12 p.m.3 views

CVE-2010-2024

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/...

4.4CVSS5.8AI score0.0028EPSS
Exploits0References19
securityvulns
securityvulns
added 2006/11/16 12:0 a.m.43 views

MDaemon mail server weak permissions

Installation folder allows User group to create files, making it possible to spoof system DLLs with local ones...

2.1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/11/03 12:0 a.m.56 views

FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities

Product: www.freewebshop.org Version: 2.2.x, maybe lower Critical Lvl : Highly critical Where : From Remote Exploits: Bypass Login: username:admin password:' or 'a'='a Read Files: /index.php?page=info&action=../../../../../../../../../../../../etc/passwd00 List Passwords:...

2.4AI score
Exploits0
0day.today
0day.today
added 2006/11/02 12:0 a.m.29 views

FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== FreeWebshop.org Script = 2.2.2 Multiple Remote Vulnerabilities =============================================================== Product: www.freewebshop.org Version: 2.2.x, may...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/11/02 12:0 a.m.14 views

FreeWebshop.org Script &lt;= 2.2.2 Multiple Remote Vulnerabilities

No description provided by source. Product: www.freewebshop.org Version: 2.2.x, maybe lower Critical Lvl : Highly critical Where : From Remote Exploits: Bypass Login: username:admin password:' or 'a'='a Read Files: /index.php?page=info&action=../../../../../../../../../../../../etc/passwd%00 List...

7.1AI score
Exploits0
OSV
OSV
added 2006/03/07 9:6 p.m.2 views

DEBIAN-CVE-2006-1063

Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...

5CVSS6.9AI score0.01965EPSS
Exploits0References1
NVD
NVD
added 2005/06/28 4:0 a.m.25 views

CVE-2005-1759

Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751...

1.2CVSS6.1AI score0.00352EPSS
Exploits0References5
0day.today
0day.today
added 2005/05/21 12:0 a.m.16 views

Mozilla Firefox view-source:javascript url Code Execution Exploit

Exploit for multiple platform in category remote exploits ================================================================= Mozilla Firefox view-source:javascript url Code Execution Exploit ================================================================= Firelinking 2 - Proof-of-Concept by mikx...

7.1AI score
Exploits0
NVD
NVD
added 2004/08/04 4:0 a.m.17 views

CVE-2004-1679

Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ triple dot in the 1 CWD, 2 STOR, or 3 RETR commands...

5CVSS6.7AI score0.01745EPSS
Exploits0References5
CVE
CVE
added 2000/07/12 4:0 a.m.47 views

CVE-2000-0354

CVE-2000-0354 affects mirror 2.8.x on Linux; remote attackers can create files one level above the local target directory. Impact: partial integrity impact via a network vector with low complexity and no authentication. No remediation details are provided in the supplied documents.

5CVSS6.9AI score0.02391EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder