58 matches found
Directory traversal
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to 1 read, 2 delete, or 3 create files, or 4 list directories, via a ..%5C encoded dot dot backslash in a URI...
CVE-2012-4991
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to 1 read, 2 delete, or 3 create files, or 4 list directories, via a ..%5C encoded dot dot backslash in a URI...
DEBIAN-CVE-2012-3513
munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command...
CVE-2010-4250
Memory leak in the inotifyinit1 function in fs/notify/inotify/inotifyuser.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service memory consumption via vectors involving failed attempts to create files...
CVE-2010-3028
The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions 777 in unspecified folders, which allows local users to modify, create, or delete certain files...
Directory traversal
Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...
CVE-2009-4896
Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful mlmmj 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. dot d...
CVE-2010-2251
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted...
CVE-2010-2024
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/...
MDaemon mail server weak permissions
Installation folder allows User group to create files, making it possible to spoof system DLLs with local ones...
FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities
Product: www.freewebshop.org Version: 2.2.x, maybe lower Critical Lvl : Highly critical Where : From Remote Exploits: Bypass Login: username:admin password:' or 'a'='a Read Files: /index.php?page=info&action=../../../../../../../../../../../../etc/passwd00 List Passwords:...
FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications =============================================================== FreeWebshop.org Script = 2.2.2 Multiple Remote Vulnerabilities =============================================================== Product: www.freewebshop.org Version: 2.2.x, may...
FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities
No description provided by source. Product: www.freewebshop.org Version: 2.2.x, maybe lower Critical Lvl : Highly critical Where : From Remote Exploits: Bypass Login: username:admin password:' or 'a'='a Read Files: /index.php?page=info&action=../../../../../../../../../../../../etc/passwd%00 List...
DEBIAN-CVE-2006-1063
Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox"...
CVE-2005-1759
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751...
Mozilla Firefox view-source:javascript url Code Execution Exploit
Exploit for multiple platform in category remote exploits ================================================================= Mozilla Firefox view-source:javascript url Code Execution Exploit ================================================================= Firelinking 2 - Proof-of-Concept by mikx...
CVE-2004-1679
Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ triple dot in the 1 CWD, 2 STOR, or 3 RETR commands...
CVE-2000-0354
CVE-2000-0354 affects mirror 2.8.x on Linux; remote attackers can create files one level above the local target directory. Impact: partial integrity impact via a network vector with low complexity and no authentication. No remediation details are provided in the supplied documents.