Novell File Reporter Agent Arbitrary File Delete (CVE-2011-2750)

A policy bypass vulnerability exists in Novell File Reporter. The vulnerability allow a remote attacker to delete arbitrary files using OPERATION 4 commands, respectively.A remote unauthenticated attacker can leverage the vulnerability to delete arbitrary files, including system files, from the...

Novell File Reporter Agent Arbitrary File Delete

NFRAgent.exe in Novell File Reporter allows remote attackers to delete arbitrary files via a full pathname in an SRS request with OPERATION set to 4 and CMD set to 5 against /FSF/CMD. This module has been tested successfully on NFR Agent 1.0.4.3 File Reporter 1.0.2 and NFR Agent 1.0.3.22 File...

Chamilo 1.8.8.4 XSS / File Deletion

Chamilo 1.8.8.4 Multiple Vulnerabilities ======================== CVE: CVE-2012-4029 Issue: Reflected XSS PHPSELF in third-party app, Stored XSS PHPSELF XSS http://chamilo-1.8.8.4/main/inc/lib/phpdocx/pdf/www/examples.php/'" Stored XSS unfiltered input categoryname...

FreeBSD : puppet -- multiple vulnerabilities (3a6960ef-c8a8-11e1-9924-001fd0af1a4c)

puppet -- multiple vulnerabilities Arbitrary file read on the puppet master from authenticated clients high. It is possible to construct an HTTP get request from an authenticated client with a valid certificate that will return the contents of an arbitrary file on the Puppet master that the maste...

puppet -- multiple vulnerabilities

puppet -- multiple vulnerabilities Arbitrary file read on the puppet master from authenticated clients high. It is possible to construct an HTTP get request from an authenticated client with a valid certificate that will return the contents of an arbitrary file on the Puppet master that the maste...

Symantec Web Gateway 5.0.2.8 Multiple Vulnerabilities

Exploit for linux platform in category web applications Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include:...

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management

Ultimate PHP Board 2.2.7 - Broken Authentication and Session Management Exploit Title : Ultimate PHP Board 2.2.7 "Broken Authentication and Session Management" Date : 2011.05.17 Author : i2sec - Gi bum Hong Software Link : http://sourceforge.net/projects/textmb/files/UPB/UPB%202.2.7/ Version :...

PHPCMS 2 0 0 8 SP2 latest local file inclusion vulnerability-vulnerability warning-the black bar safety net

PHPCMS into the hardest hit. A vulnerability would allow people to storm out. 0day also often have. Nonsense not much said. Directly on the method. Take the shell method: Contains:admin/safe. inc. php file GET submitted data Will be generated under the root directory a word Encrypt the following...

[DSECRG-00143] SAP Crystal Reports 2008 - ActiveX insecure methods

DSECRG-11-002 Internal DSECRG-00143 SAP Crystal Report Server 2008 scriptinghelpers.dll ActiveX component - Insecure methods The component contains insecure methods by which you can overwrite any file in the OS, run the executable file, kill process, delete the file. Application: SAP Crystal Repo...

Buffy 1.3 - Directory Traversal

Buffy 1.3 - Directory Traversal $argv0, 'host' = $argv1, 'port' =...

BKBilisim Portal Multiple Vulnerability

Exploit for php platform in category web applications ======================================= BKBilisim Portal Multiple Vulnerability ======================================= BKBilisim Portal Multiple Vulnerability Author ZoRLu mail-msn: email protected Home: z0rlu.blogspot.com Date: 07/09/2010...

TitanFTP Server COMB directory traversal

Accensus Security Advisory L-01 TitanFtp Server Arbitrary File Download/Delete Details ============= Product: TitanFTPd Security-Risk: high Remote-Exploit: maybe, assuming anonymous ftp access Local-Exploit: yes Vendor URL: http://www.southrivertech.com/ Found By: Bill Finlayson...

Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities =============================================================== + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote...

Orbis CMS 1.0 - File Delete Download File Arbitrary File Upload SQL Injection

Orbis CMS 1.0 - File Delete Download File Arbitrary File Upload SQL Injection + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script :...

Orbis CMS 1.0 - File Delete / Download File / Arbitrary File Upload / SQL Injection

Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script : http://www.novo-ws.com/orbis-cms/download.shtml + Arbitrary File Download Arbitrary Delete File + - No login...

Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities

No description provided by source. + Orbis CMS 1.0 AFD/ADF/ASU/SQL Multiple Remote Vulnerabilities + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Dork : Powered by Orbis CMS + Download script : http://www.novo-ws.com/orbis-cms/download.shtml + Arbitrary File Download + -...

PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete

PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete !/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowDelete = "Members"; use LWP::UserAgent; use HTTP::Cookies; my $UserName,$PassWord,$DirectoryFile,$DeleteFile = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or...

Podcast Generator多个模块文件包含和任意文件删除漏洞

BugCVE: CVE-2009-1230 CVE-2008-1124 CVE-2008-1125 BUGTRAQ: 34317 28038 Podcast Generator的core/archivecat.php、core/admin/itunescategories.php和core /admin/login.php页面没有正确地过滤对GLOBALSabsoluteurl参数所传送的输入，core/themes.php页面没有正确地过滤对GLOBALSthemepath参数所传送的输入，这可能用于包含本地或外部资源的任意文件；此外core/admin...

MyFirstCMS <= 1.0.2 Remote Arbitrary File Delete Vulnerability

No description provided by source. --+++==========================================================================+++-- --+++========== MyFirstCMS = 1.0.2 Remote File Delete Vulnerability ==========+++-- --+++==========================================================================+++-- + Author...

MyFirstCMS <= 1.0.2 Remote Arbitrary File Delete Vulnerability

Exploit for unknown platform in category web applications ============================================================== MyFirstCMS = 1.0.2 Remote Arbitrary File Delete Vulnerability ==============================================================...