465 matches found
PT-2014-6308 · Hewlett Packard · Hp Data Protector
Name of the Vulnerable Software and Affected Versions: HP Data Protector affected versions not specified Description: The issue allows remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. The vendor reportedly assert...
webcaf <= 1.4 (lfi/rce) Multiple Vulnerabilities
No description provided by source. Discovered by dun \ dunatstrcpy.pl webcaf = 1.4 Multiple Remote Vulnerabilities Script: WebCAF is a web-based child and family database...
orbis cms 1.0 (afd/adf/asu/sql) Multiple Vulnerabilities
No description provided by source. + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script : http://www.novo-ws.com/orbis-cms/download.shtml + Arbitrary File Download + -...
Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
No description provided by source. Author : BeyazKurt Contact : [email protected] Script : Ppim v1.0 What the hell kind of script name is this :D Download : http://scripts.ringsworld.com/organizers/ppim.zip D0rk : inurl:events.php?listallevents File Delete Vulnerability: upload.php...
Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29536/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a vulnerability that lets attackers delete arbitrary files on the affected computer in the context of the application using the ActiveX...
Piwigo 2.4.6 (install.php) Remote Arbitrary File Read/Delete Vulnerability
No description provided by source. Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4.6 Summary: Piwigo is a photo gallery software for the web that comes with powerful features to publish a...
symantec web gateway 5.0.2.8 - Multiple Vulnerabilities
Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include: https://192.168.82.207/spywall/previewProxyError.php?err=../../../../../../../../etc/passwd File include and OS command...
DMXReady Blog Manager <= 1.1 - Remote File Delete Vulnerability
No description provided by source. Title : DMXReady Blog Manager = 1.1 Remote Files Delete Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 199.97 $ Dork : inurl:incwebblogmanager.asp DorkEx :...
MyFirstCMS <= 1.0.2 - Remote Arbitrary File Delete Vulnerability
No description provided by source. MyFirstCMS = 1.0.2 Remote File Delete Vulnerability + Author...
LokiCMS <= 0.3.3 Arbitrary File Delete Vulnerability
No description provided by source. Name : LokiCMS 0.3.3 = Arbitrary File Delete Vulnerability Author : cOndemned Greetz : ZaBeaTy, GregStar, irk4z, doctor, Avantura ; Usage: http://target/lokiCMS/admin.php?delete=path/file PoC: http://target/lokiCMS/admin.php?delete=../includes/Config.php Deletin...
CVE-2014-3292
The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199...
CVE-2012-0943
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and...
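大汉版通 System Arbitrary File Upload/Delete Vulnerability
Brief description: A 大汉版通 system has multiple arbitrary file upload/delete vulnerabilities. Details: 1. Vulnerable code. File upload: Vulnerability 1: /xxgk/jcmsfiles/jcms1/web1/site/zfxxgk/ysqgk/attachupload.jsp Vulnerability 2: /xxgk/jcmsfiles/jcms1/web1/site/zfxxgk/ysqgk/applyattachupload.jsp File deletion: Both of the files above also contain an arbitrary file deletion vulnerability. First, the code for the arbitrary file deletion: if"D".equalsstrBillStatus delFileName =...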
PT-2013-6222 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager (DSM) versions prior to 4.3-3810 Update 3 Description: Multiple directory traversal vulnerabilities in the FileBrowser components allow remote attackers to read, write, and delete arbitrary files via a .. (dot dot) in...
CVE-2013-6226
CVE-2013-6226: A directory traversal vulnerability in Pydio/AjaXplorer’s Zoho plugin (plugins/editor.zoho/agent/save_zoho.php) affects versions before 5.0.4, allowing remote read/delete of arbitrary files via untrusted input. Root cause is an unprotected path traversal in the Zoho plugin. Impact ...
SMB File Delete Utility
This module deletes a file from a target share and path. The usual reason to use this module is to work around limitations in an existing SMB client that may not be able to take advantage of pass-the-hash style authentication. This module requires Metasploit: https://metasploit.com/download Curre...
Moodle 2.5.0-1 (badges/external.php) PHP Object Injection Vulnerability
- Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail VULNERABILITY Moodle CMS version 2.5.0...
Moodle CMS 2.5.0-1 Cross Site Scripting Vulnerability
Moodle CMS version 2.5.0-1 suffers from a cross site scripting vulnerability. - Original release date: 15 September, 2013 - Discovered by: Emilio Pinna Application Security Analyst at Abinsula - Contact: emilio pinn gmail...
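Tipask 2.0 Front-End Arbitrary File Delete Vulnerability
Brief description: Tipask lets a user adjust and save an avatar and then deletes the original avatar. When deleting the original avatar it uses a parameter submitted via POST, which results in an arbitrary file deletion vulnerability. Details: function onsaveimg $x1 = $this- post'x1' ; $y1 = $this- post'y1' ; $x2 = $this- post'x2' ; $y2 = $this- post'y2' ; $w = $this- post'w' ; $h = $this- post'h' ; $ext = $this- post'ext' ; $uploadtmpfile = TIPASKROOT . "/data/tmp/"...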