1464 matches found
CVE-2005-3287
Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested from the cache director...
CVE-2002-1819
CVE-2002-1819 describes a directory traversal vulnerability in TinyHTTPD 0.1.0 that allows remote attackers to read or execute arbitrary files via a ".." in the URL. The cited sources (NVD, CVE list, Red Hat advisory) confirm the existence of this flaw but do not provide patch details or explicit...
firefoxSploit.txt
Firelinking 2 - Proof-of-Concept by mikx var pf = navigator.platform.toLowerCase(); if (pf.indexOf("win") != -1) var os = "win"; else if (pf.indexOf("mac") != -1) var os = "mac"; else var os = "linux" function runDemo() { // this is an ugly caching workaround document.getElementById('outhtml').innerHTML = "";...
CVE-2005-1705
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb...
USN-115-1: Kommander vulnerability
Eckhart Wörner discovered that Kommander opens files from remote and possibly untrusted locations without user confirmation. Since Kommander files can contain scripts, this would allow an attacker to execute arbitrary code with the privileges of the user opening the file. The updated Kommander wi...
CVE-2005-1451
The CVE-2005-1451 entry affects Serendipity’s media manager prior to version 0.8. The vulnerability allows remote attackers to upload and execute arbitrary files of type .php or .shtml, enabling possible remote code execution on the affected server. The available documents do not provide addition...
CVE-2005-1304
The citat.pl script allows remote attackers to execute arbitrary files via shell metacharacters in the argument...
PHPMyVisites 1.3 - 'Set_Lang' File Inclusion
source: https://www.securityfocus.com/bid/13370/info phpMyVisites allows attackers to include arbitrary files. While it has been demonstrated that local files may be included through this vulnerability, there is an unconfirmed possibility of remote file inclusion. Exploitation could disclose loca...
OpenText FirstClass 8.0 Client Arbitrary File Execution
Product: OpenText FirstClass 8.0 Client Homepage: http://www.firstclass.com Platform: Microsoft Windows Description: Insufficient validation of user input allows arbitrary file execution FirstClass bookmark files allow the user to organise their web addresses using the familiar FirstClass desktop...
PHP mcNews <= 1.3 arbitrary file inclusion (VXSfx)
Name: PHP mcNews Version: 1.3 Homepage: http://www.phpforums.net/index.php?dir=dld Author: Filip Groszynski (VXSfx) Date: 7 March 2005 Vulnerable code in mcNews/admin/header.php: ? //...
CVE-2004-1610
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables...
DivX Player 2.6 - .Skin File Directory Traversal
source: https://www.securityfocus.com/bid/12332/info DivX Player is reported prone to a directory traversal vulnerability. The issue presents itself when DPS ('.dps') archive files are processed. Ultimately an attacker may exploit this issue to save...
CVE-2004-1368
ISQLPlus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script...
opera -- "data:" URI handler spoofing vulnerability
A Secunia Advisory reports: Michael Holzt has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the processing of "data:" URIs, causing wrong information to be shown in a...
CVE-2004-2255
Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename...
CVE-2004-1426
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter...
CVE-2004-1408
The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files...
Yak! Chat Client 2.x - FTP Server Directory Traversal
source: https://www.securityfocus.com/bid/11433/info Yak! Chat Client FTP server is reported prone to a remote directory traversal vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. This issue can ultimately allow an attacker to compromise a computer...
Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations
Overview: Microsoft Internet Explorer (IE) treats arbitrary files as images during drag and drop mouse operations. This could allow an attacker to trick a user into copying a file to a location where it may be executed, such as the Windows StartUp folder. Description: IE treats any file referenced by...