Squiz CMS 11654 File Path Traversal

======= Summary ======= Name: Squiz CMS - File Path Traversal Release Date: 30 November 2012 Reference: NGS00330 Discoverer: Robert Ray Vendor: Squiz Vendor Reference: 11846 Systems Affected: Squiz CMS V11654 Risk: High Status: Published ======== TimeLine ======== Discovered: 29 June 2012 Release...

Google Chrome < 23.0.1271.95 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 23.0.1271.95 and is, therefore, affected by the following vulnerabilities : - A use-after-free error exists related to media source handling. CVE-2012-5137 - An unspecified error exists related to file path handling...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 161564 High CVE-2012-5138: Incorrect file path handling. Credit to Google Chrome Security Team Jüri Aedla. 162835 High CVE-2012-5137: Use-after-free in media source handling. Credit to Pinkie Pie...

Opera < 12.11 Multiple Vulnerabilities

The version of Opera installed on the remote host is earlier than 12.11 and is, therefore, reportedly affected by the following vulnerabilities : - A heap-based buffer overflow error exists related to handling HTTP responses that can lead to application crashes or arbitrary code execution. 1036 -...

XSS in Issue Collector

Hi Atlassian! There is a XSS vulnerability in the issue collector: File: /atlassian-jira-5.1.8-source/jira-issue-collector-plugin/src/main/resources/templates/view-collector.vm Line 82: $issue.summary Anonymous users can inject JS in the issue summary which usually will be executed by users with...

USN-1614-1: Ruby vulnerabilities

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...

Ubuntu Update for ruby1.9.1 USN-1614-1

Ubuntu Update for Linux kernel vulnerabilities USN-1614-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16141.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ruby1.9.1 USN-1614-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1614-1)

Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...

Blog Mod 0.1.9 SQL Injection

How does this exploit works? It exploits one of the several SQL Injections in the system. Specifiedly, in the file "index.php", parr "month". Usage: php filename.php / function puts$str echo $str."\n"; function gets return trimfgetsSTDIN; function hex$string $hex=''; // PHP 'Dim' = for $i=0; $i...

Fedora 16 : munin-2.0.6-2.fc16 (2012-13649)

added DBDIRNODE for munin-node and remove File::Path as it is no longer needed. Update to 2.0.6, and bug fixes Added init files for asyncd Updated to 2.0.5 Update to munin 2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Readily remember arbitrary file upload flaws and fixes-vulnerability warning-the black bar safety net

Heard readily lend good make, registration number ready to buy a membership first try Pass avatar when the first-mover can now select all of the files, selected a qq. exe, point to upload, the bottom right corner traffic moving, Tip: incorrect format, open firebug, and then upload the returned fi...

CVE-2012-1586

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message...

Design/Logic Flaw

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message...

open_basedir after there may be security risks-vulnerability warning-the black bar safety net

The current php site security configuration is substantially openbasedir+safemode, it is indeed very invincible, very safe, even when permission is not a good environment settings, so the configuration is quite safe, and, of course, does not consider some of the you can bypass. This article...

Windows Service Trusted Path Privilege Escalation

Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

Windows Service Trusted Path Privilege Escalation

This module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths:...

Discuz X2 路徑洩漏

简要描述： 缺少 exit‘Access Denied’; 直接浏览该程序直接报错 BTW 一共发现了7个 XSS 包含储存式跟反射式. 等之后整完整點再发出来 详细说明： 檔案路徑: /source/include/misc/miscranklistindex.php 漏洞证明：...

Scientific Linux Security Update : perl on SL5.x i386/x86_64

Perl is a high-level programming language commonly used for system administration utilities and web programming. The Safe extension module allows users to compile and execute Perl code in restricted compartments. The File::Path module allows users to create and remove directory trees. The Safe...

CentOS Update for rsyslog CESA-2012:0796 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

DEBIAN-CVE-2012-3360

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...