65 matches found
WordPress: [Buddypress] Arbitrary File Deletion through bp_avatar_set
Hi, The bpavatarset action in BuddyPress when cropping avatars allows an attacker to arbitrarily delete a file the webserver can delete through the 'originalfile' parameter. For example: Create a user on a Buddypress-powered Wordpress instance any user is OK, doesn't need to be admin, just needs ...
CentOS Update for dnsmasq CESA-2013:0277 centos6
Check for the Version of dnsmasq OpenVAS Vulnerability Test CentOS Update for dnsmasq CESA-2013:0277 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Oracle Hyperion Financial Management ActiveX File Upload
Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...
CVE-2007-1741
Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...
CVE-2007-1741
Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...