CVE-2017-6512
Race condition in the rmtree and removetree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic...
UBUNTU-CVE-2017-6512
Race condition in the rmtree and removetree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic...
Path Traversal
jokkedk/webgrind is vulnerable to path traversals. By using an absolute file path in the file parameter in index.php, attackers are able to read an arbitrary file...
Exploit for Code Injection in Samba
SambaCry RCE exploit for Samba 4.5.9...
Delightful Downloads <= 1.6.6 - Unauthenticated Path Traversal
Since no authentication or authorisation checks for direct access to the jqueryFileTree.php are made, the vulnerability allows for browsing the file system on a host out of an unauthenticated context. Even though no file content can be exfiltrated this way, "hidden" files e.g. in the web...
onArcade 2.4.x Local File Disclosure Vulnerability
Exploit for php platform in category web applications. Exploit Title: onArcade 2.4.x Local File Get Contents Vulnerability. Google Dork: inurl:"cup.php?a=all". Date: 23 Mar 2017. Exploit Author: Deyaa Muhammad. Author Mail: contact at deyaa.me. Exploit Blog:...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
DEBIAN-CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
UBUNTU-CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
CVE-2015-0855 affects Pitivi prior to version 0.95, where the _mediaLibraryPlayCb function in pitivi/mainwindow.py can be abused to execute arbitrary OS commands via shell metacharacters in a file path. Multiple advisories (Debian, OpenSUSE, Fedora, Mageia, Ubuntu-related updates) acknowledge thi...
tomcat: information disclosure due to incorrect Processor sharing
A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body...
Wireless IP Camera (P2P) WIFICAM RSA Key and Certificate Disclosure Vulnerability
Wireless IP Camera P2P WIFICAM is a wireless IP camera. Wireless IP Camera P2P WIFICAM RSA key and certificate disclosure vulnerability. /system/www/pem/ck.pem contains an Apple certificate with a private RSA key, which can be exploited by an attacker to obtain sensitive information...
WordPress Multiple Plugins - Arbitrary File Upload
WordPress Multiple Plugins - Arbitrary File Upload import requests import random import string print "---------------------------------------------------------------------" print "Multiple Wordpress Plugin - Remote File Upload Exploit\nDiscovery: Larry W. Cashdollar\nExploit Author: Munir...
Coppermine Gallery 1.5.44 Directory Traversal
Coppermine Gallery = 1.5.44 directory traversal vulnerability. Coppermine is a multi-purpose fully-featured and integrated web picture gallery script written in PHP using GD or ImageMagick as image library with a MySQL backend. A...
CVE-2016-6852
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file exists or not. Attackers may discover specific system files or library versions on the middleware...