6884 matches found
CVE-2017-16598
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...
Design/Logic Flaw
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16605
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Design/Logic Flaw
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16601
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
Design/Logic Flaw
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...
CVE-2017-16601
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16598
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...
CVE-2017-16601
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16600
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
CVE-2017-16600
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
CVE-2017-16600
NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by CVE-2017-16600 due to a directory traversal in the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet. The flaw occurs when parsing the filename parameter, which is used for file operations without pro...
CVE-2017-16601
NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by CVE-2017-16601. The vulnerability resides in the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet (listening by default on TCP 8081) and stems from improper validation of a user-supplied filename p...
CVE-2017-16604
NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by a directory-traversal vulnerability in the servlet org.apache.jsp.u.jsp.cnnic.asset.deviceReport.deviceReport_005fexport_005fdo_jsp. The flaw occurs when parsing the filename parameter, allowing an attacker to overwrite arbitrar...
CVE-2017-16600
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
CVE-2017-16601
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
The vulnerability of the rubygems package manager arises from insufficient validation of input data, allowing attackers to overwrite any file.
The vulnerability of the rubygems package manager exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to overwrite any file...
CVE-2017-1000472
The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...
Syncthing Symbolic Link Traversal Vulnerability
Syncthing is an open source continuous file synchronization program. A security vulnerability exists in Syncthing 0.14.33 and earlier versions. An attacker can exploit the vulnerability to overwrite arbitrary files...