7094 matches found
U-Mail Webmail 4.91 - 'edit.php' Arbitrary File Write
U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...
umail-filewrite.txt
U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...
CVE-2008-4210
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable...
MemHT Portal 3.9.0 - Remote Create Shell
#!/usr/bin/perl MemHT Portal = 3.9.0 Perl exploit discovered & written by Ams ax330d doggy gmail dot com DESCRIPTION: Script /inc/incstatistics.php accepts unfiltered $COOKIE's, $COOKIE'statsres' which later goes to MySQL request. So we are able to make sql injection. This exploit tries to create...
FreeBSD Ports: libxine
The remote host is missing an update to the system as announced in the referenced advisory. VID e50b04e8-9c55-11d8-9366-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
hiox-addadmin.txt
"; fclose$file; $creat = "false"; echo "New User Created Please Wait You will be Redirected to Login Page "; else echo "Enter correct Username or Password "; if$creat == "true" ? tr width=400 height...
JDK untrusted applet/application privilege escalation (6661918)
Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as...
CVE-2008-3109
Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself...
WISE-FTP 4.15.5.8 - FTP Client LIST Directory Traversal
WISE-FTP 4.15.5.8 - FTP Client LIST Directory Traversal source: https://www.securityfocus.com/bid/29844/info WISE-FTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write...
DSA-1577-1 gforge - insecure temporary files
Bulletin has no description...
PHP-Nuke Platinum 7.6.b.5 (dynamic_titles.php) SQL Injection Exploit
No description provided by source. #!/usr/bin/perl Inphex use LWP::UserAgent; use LWP::Simple; use IO::Socket; use Switch; PHP-Nuke Platinum , ForumsStandart - magic_quotes_gpc = OFF , SQL Injection nukeusers Structure: userid name username useremail femail userwebsite useravatar userregdate usericq...
PHP-Nuke Platinum 7.6.b.5 (dynamic_titles.php) SQL Injection Exploit
Exploit for unknown platform in category web applications ==================================================================== PHP-Nuke Platinum 7.6.b.5 dynamic_titles.php SQL Injection Exploit ==================================================================== #!/usr/bin/perl Inphex use...
Debian Security Advisory DSA 499-1 (rsync)
The remote host is missing an update to rsync announced via advisory DSA 499-1. OpenVAS Vulnerability Test $Id: deb4991.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 499-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
CVE-2007-6652
cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo0 parameter in a cpie admin action to index.php, which writes to dati/generali/footer.dtb...
HP Software Update client 3.0.8.4 Multiple Remote Vulnerabilities
No description provided by source. Advisory: There is another remotely exploitable flaw within software preinstalled in HP notebook machines. This time, the culprit is automatic software update tool provided by the vendor. The potential exploitation may lead ...
CVE-2002-2353
CVE-2002-2353 concerns TFTPD32, where versions 2.50 and 2.50.2 allow a remote attacker to read or write arbitrary files by using a full pathname in GET and PUT requests. The issue is network-triggered and arises from the TFTP server’s handling of pathnames (no authentication implied in the entry)...
sphpblog051-multi.txt
Title: Simple PHP Blog sphpblog Released on: 2007/10/21 Changelog: ---------- L M H T Summary: Ip Spoofing X X Cross Site Scripting X X Session Fixation X X mail CRLF Injection X Local File Inclusion +CSRF X X File Deletion +CSRF X X File Upload Vulnerability X X Code Execution +CSRF X X Legend: ...
Moderate: Red Hat Security Advisory: tar security update
Updated tar package that fixes a path traversal flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that...
HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - 'SaveToFile()' File Write
------------------------------------------------------------------------------- HP Digital Imaging hpqvwocx.dll v. 2.1.0.556 "SaveToFile" Insecure Method url: http://www.hp.com/ author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational...