6886 matches found
Design/Logic Flaw
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades SEC-161...
Design/Logic Flaw
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update SEC-164...
CVE-2016-10770
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update SEC-164...
CVE-2016-10770
CVE-2016-10770 affects cPanel prior to 60.0.25. The vulnerability allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). The provided documents consistently describe this as a cPanel issue related to the update process, with no additional technical details (e.g., affected...
CVE-2016-10768
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades SEC-161...
CVE-2016-10768
CVE-2016-10768 affects cPanel prior to 60.0.25, where during preparation for MySQL upgrades a file-overwrite operation is possible (SEC-161). Vulnerable component: cPanel software; impact described as potential file overwrites during upgrade prep. Remediation: upgrade to cPanel 60.0.25 or later. ...
CVE-2017-18464
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor SEC-226...
CVE-2017-18464
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor SEC-226...
Design/Logic Flaw
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor SEC-226...
CVE-2017-18464
cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor SEC-226...
CVE-2017-18464
CVE-2017-18464 affects cPanel before 62.0.17. The vulnerability arises in the WHM Zone Template editor (SEC-226), allowing arbitrary file overwrite due to insufficient input validation. Impact stated as potential for unauthorized file modification. The Red Hat and other sources confirm the same d...
Path Traversal
icedtea-web is vulnerable to path traversal.It is due to improper processing of elements of JNLP files, resulting in an arbitrary file overwrite...
Directory Traversal
icedtea-web is vulnerable to directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite...
Valve: [steam client] Opening a specific steam:// url overwrites files at an arbitrary location
If a user opens steam://devkit-1/list-shortcuts?response=/tmp/testfile, a file /tmp/testfile will be created containing the response to this request. Another problem with this is that the file will be overwritten if it already exists. The owner of the file will be the same as the user that runs t...
CVE-2017-18458
cPanel before 62.0.17 allows file overwrite when renaming an account SEC-219...
CVE-2017-18458
cPanel before 62.0.17 allows file overwrite when renaming an account SEC-219...
Design/Logic Flaw
cPanel before 62.0.17 allows file overwrite when renaming an account SEC-219...
CVE-2017-18458
CVE-2017-18458 affects cPanel prior to 62.0.17. The issue allows a file to be overwritten when renaming an account (SEC-219). Primary information comes from cPanel advisories and vendor records; no exploit details are provided in the documents. The available sources confirm the affected product/v...
CVE-2017-18458
cPanel before 62.0.17 allows file overwrite when renaming an account SEC-219...
CVE-2017-18416
cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update SEC-303...