2496 matches found
betaparticle blog 2.0/3.0 myFiles.asp Unauthenticated File Manipulation
No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...
360 Web Manager 3.0 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Multiple vulnerabilities in 360 Web Manager 3.0 Google Dork: Powered by 360 Web Manager 3.0 Date: 15/04/2011 Author: Ignacio Garrido Contact: [email protected] Software Link: www.360webmanager.com Version: v3.0 Tested on: Linux 2.6.18 Vulnerabilit...
USB Sharp 1.3.4 iPad iPhone - Multiple Vulnerabilities
No description provided by source. Title: ====== USB Sharp v1.3.4 iPad iPhone - Multiple Web Vulnerabilities Date: ===== 2013-02-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=873 VL-ID: ===== 873 Common Vulnerability Scoring System:...
mkportal <= 1.2.1 () Multiple Vulnerabilities
No description provided by source. waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal = 1.2.1 ============================================================================== Author: Janek Vind waraxe Date: 15. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-70.html...
Digital Amp MP3 3.1 (.Mp3) Local Crash PoC
No description provided by source. !/usr/bin/perl H0m3 : S3curity-art.com M4!l: [email protected] T3st3d on: Windows XP SP3 print Tic-Tac; my $boom=\x41 x 1500; my $filename = B000M.mp3; open FILE,$filename; print FILE $boom; print \nFile successfully created!\n;...
Core Image Fun House <= 2.0 Arbitrary Code Execution PoC (OSX)
No description provided by source. !/usr/bin/ruby Copyright c Netragard, LLC. [email protected] /Developer/Applications/Graphics Tools/Core Image Fun House.app /Contents/MacOS/Core Image Fun House gdb x/10s 0xbfffddf7 0xbfffddf7: 'Z' repeats 101 times, DCBA center 2007-07-10 21:15:34.573 Core...
CDRTools 2.0 RSCSI Debug File Arbitrary Local File Manipulation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8328/info It has been reported that the rscsi utility may provide for the modification of ownership and the corruption of arbitrary attacker specified files. It has been reported that a local attacker may invoke the rscsi...
Oracle Database 8i/9i Multiple Remote Directory Traversal Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12749/info Oracle Database server is reported prone to multiple directory traversal vulnerabilities that may allow a remote attacker to read, write, or rename arbitrary files with the privileges of the Oracle Database...
IRIX 5.2/6.0 permissions File Manipulation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1751/info The IRIX's /usr/lib/desktop/permissions tool is a suid and sgid root applications normally used by users to modify permissions of their files and files they are privileged for. A vulnerability in the permissions...
qibocms 新闻系统 Getshell (需结合解析漏洞)
简要描述: IIS || Apache。 详细说明: http://bbs.qibosoft.com/down2.php?v=news1.0down 下载地址。 在news/member/post.php中 requireonceMpath."inc/check.postarticle.php"; if$job=='postnew' if$step=='post' postnew; //生成静态 makearticlehtml"$Murl/member/post.php?job=endHTML&aid=$aid"; $mid && $mid继续发表新主题 续发本主题 返回主题列表 查看主...
Design/Logic Flaw
The File Abstraction Layer FAL in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 does not properly check permissions, which allows remote authenticated users to create or read arbitrary files via a crafted URL...
GLSA-201405-17 : Munin: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201405-17 Munin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Munin. Please review the CVE identifiers referenced below for details. Impact : A local attacker could perform symlink attacks to overwrite...
ElasticSearch - Remote Code Execution
ElasticSearch - Remote Code Execution body padding-top: 50px; .starter-template padding: 40px 15px; text-align: center; function esinject var readfile; var writefile; readfile = functionfilename return "import java.util.;\nimport java.io.;\nnew Scannernew File"" + filename +...
Hewlett-Packard Virtual User Generator EmulationAdmin Service Information Disclosure Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Virtual User Generator. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed EmulationAdminSoapBinding web service. The issue lies in the...
CVE-2013-5374: IBM PureData System for Analytics file manipulation
IBM’s advisory confirms CVE-2013-5374 affects all Netezza Performance Server versions before 7.1.0.1 in the IBM PureData System for Analytics. The issue allows reading and modifying local files via unknown vectors, with exploitation requiring authentication and specific permissions. Impact includ...
Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities
Stored XSS vulnerability in BP Group Documents 1.2.1 Description ================ Stored XSS vulnerability in BP Group Documents 1.2.1 Vulnerability ================ “Display name” and “Description” fields are not escaped, meaning any tags including script tags can be stored in them. Proof of...
CentOS 6 : wget (CESA-2014:0151)
An updated wget package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
CVE-2011-2725
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. dot dot sequences in a zip file...
CVE-2014-1604
The parser cache functionality in parsergenerator.py in RPLY aka python-rply before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-.json file with a predictable name...
libreswan多个漏洞
CVE ID:CVE-2013-4564 Libreswan是一款类似OpenSwan的IPsec实现。 1处理"processpacket方法pluto/demux.c中IKE数据包时的错误,导致通过特制的IKE数据包造成libreswan重新启动。 2处理"ikev2parentinI1outR1"函数(pluto/ikev2parent.c中IKE通告报文时的错误,导致利用特制的IKE引起libreswan重新启动。 3为RHEL处理libreswan.spec文件时应用程序不安全创建/var/tmp/libreswan-nss-pwd文件,可被利用来操纵某些数据。 0...