F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 文件读取漏洞

Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0 Hotfix HF3 CVE-2015-4040 https://vulners.com/cve/CVE-2015-4040...

Redis File Upload

This module can be used to leverage functionality exposed by Redis to achieve somewhat arbitrary file upload to a file and directory to which the user account running the redis instance has access. It is not totally arbitrary because the exact contents of the file cannot be completely controlled...

SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities

Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0...

Design/Logic Flaw

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home///file.txt."...

LineNity WP Premium Theme Local File Inclusion

Document Title: =============== LineNity WP Premium Theme - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1645 Release Date: ============= 2015-11-15 Vulnerability Laboratory ID VL-ID: ==================================== 164...

CVE-2006-5178

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the openbasedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the openbasedir check and before the file is opened by the underlying system, as...

CVE-2007-0448

The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...

MGASA-2015-0396 Updated git packages fix security vulnerability

The git package has been updated to version 2.3.10, fixing a few security issues. These include buffer and integer overflow issues with long file path names and large files, as well as a remote code execution flaw with some protocols like git-remote-ext and specially crafted URLs. See the upstrea...

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0...

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal Vulnerability

Exploit for hardware platform in category web applications Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0 Hotf...

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal

Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0 Hotfix HF3 CVE-2015-4040...

USN-2758-1 php5 vulnerabilities

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-5589 It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker cou...

WordPress Esplanade 1.1.4 Theme Reflected XSS

$GET'tab' is not escaped.File: esplanade\includes\theme-options.phpfunction esplanadethemepage addthemepage 'Esplanade Theme Options', 'esplanade' , 'Theme Options', 'esplanade' , 'editthemeoptions', 'esplanadeoptions', 'esplanadeadminoptionspage' ; addaction 'adminmenu', span clas...

Microsoft Windows Media Center - MCL (MS15-100) (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS15-100 Microsoft Windows Media Center MCL Vulnerability", 'Description' = %q This module exploits a vulnerability in Windows Media...

FineCms 免费版任意文件上传漏洞

路径：dayrui/libraries/Chart/ofcuploadimage.php $defaultpath = '../tmp-upload-images/'; if !fileexists$defaultpath mkdir$defaultpath, 0777, true; $destination = $defaultpath . basename $GET 'name' ; echo 'Saving your image to: '. $destination; $jfh = fopen$destination, 'w' or die"can't open file";...

DEBIAN-CVE-2015-1331

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/...

JVN#20459920: Microsoft Office discloses a file path of a local file

When a file such as a clipart or an image is inserted in Office documents, the absolute path of the local file is stored in "alternative text". Impact An attacker may obtain information about the file system or the user name through Office documents. Solution Upgrade the Software Upgrade to the...

Oracle Endeca Information Discovery Integrator ETL Server CopyFile Remote Code Execution Vulnerability

This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the CopyFile...

Oracle Endeca Information Discovery Integrator ETL Server RenameFile Remote Code Execution Vulnerability

This vulnerability allows remote attackers the ability to execute arbitrary code on vulnerable instances of Oracle Endeca Information Discovery. Authentication is required to exploit this vulnerability but an authentication bypass is known. The specific flaw exists in the handling of the RenameFi...

[USN-2658-1] PHP vulnerabilities

========================================================================== Ubuntu Security Notice USN-2658-1 July 06, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...