Lucene search
K

65 matches found

hackerone
hackerone
added 2016/11/20 6:36 a.m.25 views

WordPress: [Buddypress] Arbitrary File Deletion through bp_avatar_set

Hi, The bpavatarset action in BuddyPress when cropping avatars allows an attacker to arbitrarily delete a file the webserver can delete through the 'originalfile' parameter. For example: Create a user on a Buddypress-powered Wordpress instance any user is OK, doesn't need to be admin, just needs ...

1.9AI score
Exploits0
openvas
openvas
added 2013/03/12 12:0 a.m.43 views

CentOS Update for dnsmasq CESA-2013:0277 centos6

Check for the Version of dnsmasq OpenVAS Vulnerability Test CentOS Update for dnsmasq CESA-2013:0277 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

5CVSS7AI score0.05028EPSS
Exploits0References2
saint
saint
added 2011/11/15 12:0 a.m.36 views

Oracle Hyperion Financial Management ActiveX File Upload

Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...

0.1AI score
Exploits0
ubuntucve
ubuntucve
added 2007/04/13 4:19 p.m.37 views

CVE-2007-1741

Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...

6.2CVSS6.3AI score0.00516EPSS
Exploits0References1
debiancve
debiancve
added 2007/04/13 4:0 p.m.61 views

CVE-2007-1741

Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...

6.2CVSS7.4AI score0.00516EPSS
Exploits0
Rows per page
Query Builder