6871 matches found

OSV
added 2006/11/04 1:7 a.m., 6 views

CVE-2006-5705

Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request...

6.3 AI score
Exploits: 0, References: 11

seebug.org
added 2006/10/27 12:0 a.m., 17 views

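IBM AIX cfgmgr Utility Local Privilege Escalation and Arbitrary File Overwrite Vulnerability

IBM AIX is a commercial UNIX operating system. The implementation of the AIX cfgmgr utility contains a buffer vulnerability that a local attacker may exploit to escalate privileges or cause files to be overwritten. The vulnerability is triggered when a user in the system group supplies a directory path string longer than 2K as an argument, resulting in arbitrary system files being overwritten or arbitrary commands being executed with root privileges. IBM AIX 5.3 IBM AIX 5.2 Vendor patch: IBM --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site: ftp://aix.software.ibm.com/aix/efixes/security/cfgmgrifix.tar.Z...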

6.9 AI score
Exploits: 0

seebug.org
added 2006/10/27 12:0 a.m., 53 views

Mac OS X DS_Store Arbitrary File Overwrite Exploit

No description provided by source. !/usr/bin/perl OSX Finder DSStore arbitrary file overwrite exploit. root version vade79 - [email protected] fakehalo/realhalo this will create a directory called "xfinder" in your home directory, once the root user has modified that directory using Finder in almost...

7.1 AI score
Exploits: 0

seebug.org
added 2006/10/27 12:0 a.m., 12 views

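IBM AIX rdist Utility Local Arbitrary File Overwrite Vulnerability

IBM AIX is a commercial UNIX operating system. The implementation of the AIX /usr/bin/rdist utility contains a vulnerability that a local attacker may exploit to overwrite arbitrary files and execute arbitrary commands with root privileges. IBM AIX 5.3 IBM AIX 5.2 Temporary workaround: remove the setuid root bit: chmod 555 /usr/bin/rdist Vendor patch: IBM --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site: ftp://aix.software.ibm.com/aix/efixes/security/rdistifix.tar.Z...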

6.9 AI score
Exploits: 0

CVE
added 2006/10/12 12:0 a.m., 69 views

CVE-2006-4842

CVE-2006-4842 is documented as a local privilege-escalation in Netscape Portable Runtime (libnspr) where LIBNSPR prior to 4.6.3 allows the user to influence the log file via the NSPR_LOG_FILE environment variable. Evidence in connected docs shows Solaris-specific context: unpatched Solaris system...

3.6 CVSS, 7.3 AI score, 0.07683 EPSS
Exploits: 27, References: 10, Affected Software: 1

EUVD
added 2006/10/12 12:0 a.m., 2 views

EUVD-2006-4829

The Netscape Portable Runtime NSPR API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files...

3.6 CVSS, 7.3 AI score, 0.07683 EPSS
Exploits: 27, References: 11

Exploit DB
added 2006/09/29 12:0 a.m., 213 views

UBBCentral UBB.Threads 6.5.1.1 - 'doeditconfig.php' Code Execution

!/usr/bin/php -q -d shortopentag=on ? // UBB.threads Multiple input validation error // Discovered By : HACKERS PAL // Copy rights : HACKERS PAL // Website : http://www.soqor.net // Email Address : [email protected] // Tested on Version 6 6.5.1.1 and other versions maybe affected // Remote File...

7.4 AI score
Exploits: 0

securityvulns
added 2006/09/28 12:0 a.m., 36 views

IBM AIX utilities multiple security vulnerabilities

Xclock buffer overflow; utape, cfgmgr, rdist, uucp, snappd, named8 and mkvg privilege escalation; slip.login and Inventory Scout arbitrary file overwrite...

3.2 AI score
Exploits: 0, References: 10, Affected Software: 1

NVD
added 2006/09/27 1:7 a.m., 15 views

CVE-2006-5002

Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 invscoutClientVPDSurvey allows attackers to overwrite arbitrary files via unspecified vectors...

5 CVSS, 6.4 AI score, 0.01788 EPSS
Exploits: 0, References: 8

CVE
added 2006/09/27 1:0 a.m., 50 views

CVE-2006-5008

Summary: CVE-2006-5008 affects IBM AIX 5.2.0 and 5.3.0, specifically via the utape component, allowing attackers to remotely execute arbitrary commands and overwrite arbitrary files through unspecified vectors. The vulnerability is rated high (CVSS v2 base score 10.0) with network access, low att...

10 CVSS, 7.3 AI score, 0.03362 EPSS
Exploits: 0, References: 9, Affected Software: 1

CVE
added 2006/09/27 1:0 a.m., 53 views

CVE-2006-5004

CVE-2006-5004 describes an unspecified vulnerability in the rdist command on IBM AIX 5.2.0 and 5.3.0 that allows local users to overwrite arbitrary files via unspecified vectors. The connected documents reference vendor patches related to AIX components (e.g., PTFs U807065/U808211 for bos.net.tc...

2.1 CVSS, 6.3 AI score, 0.00359 EPSS
Exploits: 0, References: 8, Affected Software: 1

securityvulns
added 2006/09/26 12:0 a.m., 43 views

[SA22062] IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability

TITLE: IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability SECUNIA ADVISORY ID: SA22062 VERIFY ADVISORY: http://secunia.com/advisories/22062/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: Local system OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ DESCRIPTION: ...

1 AI score
Exploits: 0

UbuntuCve
added 2006/08/24 8:4 p.m., 28 views

CVE-2006-4346

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...

7.5 CVSS, 6.1 AI score, 0.06349 EPSS
Exploits: 0, References: 1

Cvelist
added 2006/08/11 9:0 p.m., 27 views

CVE-2006-3813

A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information...

6 AI score, 0.01199 EPSS
Exploits: 1, References: 4

CVE
added 2006/08/09 11:0 p.m., 49 views

CVE-2006-4049

CVE-2006-4049 concerns an unspecified local vulnerability in the utxconfig utility of Sun Ray Server Software 3.x that allows local users to create or overwrite arbitrary files via unknown attack vectors. The linked Nessus plugins reference Sun patch 114880-12 as a remediation for Sun Ray Server ...

2.1 CVSS, 6.3 AI score, 0.00387 EPSS
Exploits: 0, References: 6, Affected Software: 1

CVE
added 2006/08/07 7:0 p.m., 54 views

CVE-2006-4013

CVE-2006-4013 affects Symantec Brightmail AntiSpam (SBAS) prior to 6.0.4. When the Control Center is accessible from any computer, remote attackers can exploit directory traversal in the DATABLOB-GET and DATABLOB-SAVE requests to read and overwrite files. The vulnerability enables remote access w...

7.6 CVSS, 6.8 AI score, 0.04304 EPSS
Exploits: 0, References: 9, Affected Software: 1

exploitpack
added 2006/07/24 12:0 a.m., 13 views

RadScripts - a_editpage.php?Filename Arbitrary File Overwrite

RadScripts - a_editpage.php?Filename Arbitrary File Overwrite source: https://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts...

0.7 AI score
Exploits: 0

Exploit DB
added 2006/07/24 12:0 a.m., 27 views

RadScripts - 'a_editpage.php?Filename' Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote attacker...

7.4 AI score
Exploits: 0

NVD
added 2006/07/18 3:37 p.m., 14 views

CVE-2006-3593

The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.01 through 5.03a allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704...

4 CVSS, 6.5 AI score, 0.00993 EPSS
Exploits: 0, References: 7

Cvelist
added 2006/07/14 8:0 p.m., 18 views

CVE-2006-3593

The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.01 through 5.03a allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704...

6.5 AI score, 0.00993 EPSS
Exploits: 0, References: 7