Lucene search

3230 matches found

OSV
added 2018/04/20 5:29 p.m., 1 views

DEBIAN-CVE-2018-10245

A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters...

5.3 CVSS, 7 AI score, 0.01917 EPSS
Exploits: 1, References: 1
Hacker One
added 2018/04/09 9:23 a.m., 16 views

Node.js third-party modules: [localhost-now] bypassing url filter which leads to read content of arbitrary file

Hi guys, I can bypass url filter in localhost-now module. It allows to read content of arbitrary files on the remote server. Module module name: localhost-now version: 1.0.2 npm page: https://www.npmjs.com/package/localhost-now Module Stats 26 downloads in the last week Vulnerability Description...

5 CVSS, 7.7 AI score, 0.0221 EPSS
Exploits: 1
ATTACKERKB
added 2018/04/04 3:29 p.m., 3 views

CVE-2018-9205

Vulnerability in avataruploader v7.x-1.0-beta8, The code in view.php doesn't verify users or sanitize the file path...

7.5 CVSS, 5.5 AI score, 0.56924 EPSS
Exploits: 6, References: 6
Prion
added 2018/04/04 3:29 p.m., 18 views

Path traversal

Vulnerability in avataruploader v7.x-1.0-beta8, The code in view.php doesn't verify users or sanitize the file path...

5 CVSS, 7.4 AI score, 0.56924 EPSS
Exploits: 6, References: 4, Affected Software: 1
NVD
added 2018/04/04 3:29 p.m., 22 views

CVE-2018-9205

Vulnerability in avataruploader v7.x-1.0-beta8, The code in view.php doesn't verify users or sanitize the file path...

7.5 CVSS, 7.5 AI score, 0.56924 EPSS
Exploits: 6, References: 4
Cvelist
added 2018/04/04 3:0 p.m., 24 views

CVE-2018-9205

Vulnerability in avataruploader v7.x-1.0-beta8, The code in view.php doesn't verify users or sanitize the file path...

7.5 AI score, 0.56924 EPSS
Exploits: 6, References: 4
CVE
added 2018/04/04 3:0 p.m., 81 views

CVE-2018-9205

Drupal avatar_uploader v7.x-1.0-beta8 is vulnerable to Local/Arbitrary File Disclosure because view.php does not restrict file paths or verify user permissions, allowing unauthenticated retrieval of arbitrary files from the server (e.g., via uploadDir). The issue is a path traversal style flaw in...

7.5 CVSS, 7.4 AI score, 0.56924 EPSS
In wild, Exploits: 6, References: 4, Affected Software: 1
Veracode
added 2018/04/02 7:13 a.m., 26 views

Directory Traversal

github.com/mholt/caddy is vulnerable to directory traversal attacks. The vulnerability was introduced by a regression introduced when clients were updated to use Storage instead of Locker, and exists due to the lack of sanitization of file path. It can optionally be mitigated by running...

6.7 AI score
Exploits: 0
0day.today
added 2018/03/30 12:0 a.m., 58 views

Homematic CCU2 2.29.23 - Arbitrary File Write Exploit

Exploit for cgi platform in category web applications !/usr/bin/ruby Exploit Title: Homematic CCU2 Arbitrary File Write Date: 28-03-18 Exploit Author: Patrick Muench, Gregor Kopf Vendor Homepage: http://www.eq-3.de Software Link: http://www.eq-3.de/service/downloads.html?id=268 Version: 2.29.23 C...

10 CVSS, 9.7 AI score, 0.31752 EPSS
Exploits: 2
OSV
added 2018/03/13 9:29 p.m., 5 views

CVE-2018-1000126

Ajenti version 2 contains an Information Disclosure vulnerability in Line 176 of the code source that can result in user and system enumeration as well as data from the /etc/ajenti/config.yml file. This attack appears to be exploitable via network connectivity to the web application...

7.5 CVSS, 5.8 AI score, 0.01287 EPSS
Exploits: 1, References: 1
Microsoft CVE
added 2018/03/13 7:0 a.m., 39 views

Windows Desktop Bridge VFS Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Desktop Bridge VFS does not take into account user/kernel mode when managing file paths. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;...

7.8 CVSS, 3.1 AI score, 0.0348 EPSS
Exploits: 2
CNVD
added 2018/03/13 12:0 a.m., 1 views

Arbitrary File Editing Vulnerability in SDCMS Version v3.3

SDCMS is a PHP 3-in-1 website management system independently developed by Fireworks Network. SDCMS v3.3 contains an arbitrary file editing vulnerability. The vulnerability stems from the fact that the path of the file to modify and the content to be written into the file are not...

7 AI score
Exploits: 0
NVD
added 2018/02/28 3:29 p.m., 17 views

CVE-2017-9447

In the web interface of Parallels Remote Application Server RAS 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthenticated attacker could exploit this weakness to read arbitrary...

7.5 CVSS, 7.6 AI score, 0.02047 EPSS
Exploits: 5, References: 2
Core Security
added 2018/02/21 12:0 a.m., 559 views

Trend Micro Email Encryption Gateway Multiple Vulnerabilities

1. Advisory Information Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities Advisory ID: CORE-2017-0006 Advisory URL: http://www.coresecurity.com/core-labs/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities Date published: 2018-02-21 Date of last update:...

10 CVSS, 9.3 AI score, 0.10813 EPSS
Exploits: 16
CNVD
added 2018/02/12 12:0 a.m., 3 views

EmpireCMS class/connect.php File Path Leakage Vulnerability

EmpireCMS is a free CMS Content Management System. A security vulnerability exists in EmpireCMS versions 6.6 through 7.2. The vulnerability can be exploited by a remote attacker to obtain the full path with the help of the class/connect.php file...

5.3 CVSS, 6.9 AI score, 0.01801 EPSS
Exploits: 1, References: 1
Hacker One
added 2018/02/06 4:12 p.m., 106 views

Node.js third-party modules: [public] Path Traversal allows to read content of arbitrary files

Hi Guys, There is Path Traversal in public module. It allows to read content of arbitrary files on the remote server. Module public Run static file hosting server with specified public dir & port. Support a "directory index" like Apache httpd. https://www.npmjs.com/package/public version: 0.1.2...

5 CVSS, 7.6 AI score, 0.02038 EPSS
Exploits: 1
OpenVAS
added 2018/01/28 12:0 a.m., 24 views

Debian: Security Advisory (DLA-978-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9 CVSS, 6.2 AI score, 0.02359 EPSS
Exploits: 0, References: 3
BDU FSTEC
added 2018/01/12 12:0 a.m., 6 views

The vulnerability of the rmtree and remove_tree functions in the Perl File-Path interpreter allows a hacker to compromise data integrity.

The vulnerabilities of the rmtree and remove_tree functions in the Perl File-Path interpreter are caused by synchronization errors when using a shared resource due to race conditions between the check time and the use time. Exploiting these vulnerabilities can allow a remote attacker to compromise...

5.9 CVSS, 7.8 AI score, 0.02359 EPSS
Exploits: 0, References: 10, Affected Software: 1
NVD
added 2018/01/03 8:29 p.m., 18 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5 CVSS, 6.5 AI score, 0.01681 EPSS
Exploits: 1, References: 3
UbuntuCve
added 2018/01/03 8:29 p.m., 14 views

CVE-2017-1000472

The ZipCommon::isValidPath function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompression, and possibly create or overwrite arbitrary...

6.5 CVSS, 6.6 AI score, 0.01681 EPSS
Exploits: 1, References: 2