705 matches found
CVE-2009-4023
Argument injection vulnerability in the sendmail implementation of the Mail::Send method Mail/sendmail.php in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111...
Adobe Reader Multiple Vulnerabilities (Oct 2009) - Linux
Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...
WINMOD 1.4 Stack Overflow
Winmod 1.4 .lst Local Stack Overflow Exploit RET overwrite+SEH http://www.software112.com/products/winmod+download.html Exploit for Windows XP SP3 en by corelan - c0d3r Greetings to Saumil and SK my $sploitfile = "c:\program files\winmod\xplsp3.lst"; my $buf="\x41" x 500;...
VideoLAN VLC Media Player 0.9.9 Buffer Overflow
!/usr/bin/ruby VideoLAN VLC Media Player 0.9.9 smb:// URI Stack-based Buffer Overflow Proof-of-Concept Bugtraq ID: 35500 The vulnerability can also be triggered via the VLC web interface disabled by default: http://vulnerableip:8080/requests/status.xml?command=inplay&input=smb://............ Patc...
PHP Security Bypass and File Writing Vulnerabilities (Dec 2008)
PHP is prone to a security bypass and a file writing vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php";...
Google Chrome / Opera crossite scripting
Page URL is written to file unfiltered when page is saved...
ORACLE to build the data file WriteWebShell-vulnerability warning-the black bar safety net
In fact, similar to the ORACLE such a powerful database, really not necessary with this soil the way SQLJ stored procedure write file can also be forced to helpless the other machine does not support SQLJ and UTLFILE package is also to kill? That you can also use the following I said this way SQL...
MemHT Portal <= 3.9.0 Remote Create Shell Exploit
Exploit for unknown platform in category web applications ================================================= MemHT Portal = 3.9.0 Remote Create Shell Exploit ================================================= !/usr/bin/perl MemHT Portal = 3.9.0 Perl exploit discovered & written by Ams DESCRIPTION:...
hiox-browseradd.txt
"; fclose$file; $creat = "false"; echo "New User Created Please Wait You will be Redirected to Login Page "; else echo "Enter correct Username or Password "; if$creat == "true" ? t...
HP Online Support Services ActiveX AppendStringToFile() arbitrary file writing
Overview The HP Online Support Services ActiveX control contains a method called AppendStringToFile. This may allow a remote, unauthenticated attacker to write to files on a vulnerable system. Description HP Services provides online product support services including HP Instant Support. The...
ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability
ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-027 -- CVE ID: CVE-2008-2241 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates BrightStor ARCserve Server -- TippingPointTM IPS Custom...
DDIVRT-2008-11 BadBlue uninst.exe DoS
Title ----- DDIVRT-2008-11 BadBlue uninst.exe DoS Severity -------- Medium Date Discovered --------------- March 5th 2008 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Steven James and r@b13$ Vulnerability Description ------------------------- BadBlue is a...
SetCMS 3.6.5 - Remote Command Execution
!/usr/bin/perl SetCMS v3.6.5 setcms.org remote commands execution exploit by RST/GHC o4.o9.2oo6 coded by 1dt.w0lf THIS IS UNPUBLISHED RST/GHC EXPLOIT CODE KEEP IT PRIVATE про багу: file: functions.php FUNCTION ip global $userid; ifgetenv'HTTPCLIENTIP' $userip = getenv'HTTPCLIENTIP';...
Debian Security Advisory DSA 499-2 (rsync)
The remote host is missing an update to rsync announced via advisory DSA 499-2. OpenVAS Vulnerability Test $Id: deb4992.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 499-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Across the FSO WSH write file-vulnerability warning-the black bar safety net
Now the code also"upgrade"it,in order to achieve a file is written,because for the disabled FSO,WSH host to write the file is indeed a difficult thing. You might ask the shell object has the write file function? Indeed in the MSDN and there is no description,however, the shell object can already...
CVE-2007-2438
The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...
CVE-2007-2438
The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...
getID3 < 1.7.8-b1 Multiple Remote Vulnerabilities
getID3, a web-based tool for extracting information from MP3 files, is installed on the remote web server. The installation of getID3 includes a set of demo scripts that allow an unauthenticated, remote attacker to read and delete arbitrary files, write files with some restrictions, and execute...
Oracle 9i10g - utl_file FileSystem Access
Oracle 9i10g - utlfile FileSystem Access -- -- $Id: raptororafile.sql,v 1.1 2006/12/19 14:21:00 raptor Exp $ -- -- raptororafile.sql - file system access suite for oracle -- Copyright c 2006 Marco Ivaldi -- -- This is an example file system access suite for Oracle based on the utlfile -- package...
Microsoft RIS Server weak permissions
It's possible to write files via TFTP...