Lucene search
K

935 matches found

Cvelist
Cvelist
added 2005/06/21 4:0 a.m.23 views

CVE-2002-1741

Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." dot dot in the Attachments parameter...

6.4AI score0.01084EPSS
Exploits1References3
NVD
NVD
added 2005/05/02 4:0 a.m.18 views

CVE-2005-0120

helvis 1.8h21 and earlier allows local users to delete arbitrary files via the elvprsv setuid program...

2.1CVSS6.4AI score0.00358EPSS
Exploits1References1
NVD
NVD
added 2005/05/02 4:0 a.m.18 views

CVE-2005-0332

Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to 1 upload and possibly execute files outside the directory via the AttachmentsKey parameter to attachment.do, as demonstrated using JSP pages, or 2 delete arbitrary files via the selectfile...

7.5CVSS7.2AI score0.02001EPSS
Exploits0References8
NVD
NVD
added 2005/05/02 4:0 a.m.15 views

CVE-2005-1201

Multiple directory traversal vulnerabilities in AZ Bulletin board AZbb before 1.0.08 allow 1 remote authenticated users with administrative privileges to delete arbitrary files via a .. dot dot in the URL to adminavatar.php or adminattachment.php or 2 remote attackers to enumerate files via a...

6.4CVSS6.7AI score0.03362EPSS
Exploits2References8
OSV
OSV
added 2005/05/02 4:0 a.m.3 views

DEBIAN-CVE-2005-0536

Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion...

5CVSS6.8AI score0.0193EPSS
Exploits0References1
CVE
CVE
added 2005/02/10 5:0 a.m.57 views

CVE-2005-0332

The CVE-2005-0332 entry concerns DeskNow Mail and Collaboration Server (v2.5.12) with two directory traversal flaws. The first allows remote upload (and possible JSP-based execution) through the AttachmentsKey parameter to attachment.do, enabling files to be placed outside the intended directory....

7.5CVSS7.2AI score0.02001EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.22 views

CVE-2004-2225

Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button...

5CVSS6.6AI score0.01805EPSS
Exploits0References6
OSV
OSV
added 2004/12/21 5:0 a.m.1 views

DEBIAN-CVE-2004-0452

Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack...

2.6CVSS6.3AI score0.00406EPSS
Exploits0References1
OSV
OSV
added 2004/01/10 5:0 a.m.2 views

DEBIAN-CVE-2004-1000

lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack...

2.1CVSS6.7AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2003/04/11 4:0 a.m.13 views

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters...

5CVSS6.7AI score0.0661EPSS
Exploits1References4
NVD
NVD
added 2002/09/24 4:0 a.m.17 views

CVE-2002-0974

Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm...

5CVSS6.8AI score0.13669EPSS
Exploits0References6
CVE
CVE
added 2001/01/22 5:0 a.m.44 views

CVE-2000-0911

CVE-2000-0911 affects IMP 2.2 and earlier. The vulnerability arises from modifying the hidden attachment_name form variable, enabling an attacker to read and delete arbitrary files by causing IMP to send the targeted file to the attacker as an attachment. The available sources confirm the affecte...

5CVSS7AI score0.01855EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.25 views

CVE-2000-0076

nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover...

6.2AI score0.00305EPSS
Exploits0References2
NVD
NVD
added 1999/08/19 4:0 a.m.23 views

CVE-1999-0732

The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links...

2.1CVSS6.4AI score0.00349EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1999/08/19 12:0 a.m.4 views

PT-1999-1310 · Debian · Smtp-Refuser

Name of the Vulnerable Software and Affected Versions: Debian smtp-refuser affected versions not specified Description: The issue affects the logging facility of the Debian smtp-refuser package, allowing local users to delete arbitrary files using symbolic links. Recommendations: At the moment,...

2.1CVSS6.2AI score0.00349EPSS
Exploits0References2
Rows per page
Query Builder