Atlassian Confluence 6.15.1 Directory Traversal

Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on: Microsoft...

Atlassian Confluence 6.15.1 - Directory Traversal Exploit

Exploit for jsp platform in category web applications Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on: Microsoft Windows ...

PT-2019-13937 · Yandex +1 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: ClickHouse versions prior to 19.14.3 Description: The issue allows an attacker with write access to ZooKeeper and the ability to run a custom server on the network where ClickHouse runs to create a malicious server acting as a ClickHouse...

Atlassian Confluence 6.15.1 - Directory Traversal (Metasploit)

Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link:...

Atlassian Confluence 6.15.1 Directory Traversal

Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on: Microsoft Windows 7...

Atlassian Confluence 6.15.1 - Directory Traversal Vulnerability

Exploit for jsp platform in category web applications Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on:...

Atlassian Confluence 6.15.1 - Directory Traversal

Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link: https://www.atlassian.com/software/confluence/download-archives Version: 6.15.1 Tested on: Microsoft Windows 7...

Cisco TelePresence Collaboration Endpoint Software Arbitrary File Write (cisco-sa-20191016-tele-ce-filewrite)

According to its self-reported version, the Cisco TelePresence Collaboration Endpoint CE Cisco TelePresence Software is affected by a vulnerability due to improper permission assignment. An authenticated, local attacker can exploit this by logging in as the remotesupport user to write files to th...

kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

LAquis SCADA LGX Report Arbitrary File Write (CVE-2018-18988)

An arbitrary file write vulnerability exists in LAquis SCADA LGX report. Successful exploitation of this vulnerability could result in arbitrary file write and possible arbitrary code execution...

CVE-2010-0398

The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack...

DEBIAN-CVE-2010-0398

The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a symlink attack...

kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be...

CVE-2010-2064

rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /tmp/portmap.xdr and 2 /tmp/rpcbind.xdr...

CVE-2010-2064

CVE-2010-2064 affects rpcbind 0.2.0; local attackers can write to arbitrary files or gain privileges via a symlink attack on /tmp/portmap.xdr and /tmp/rpcbind.xdr. Root cause: incorrect handling of symbolic links in temporary files leads to privilege/escalation risk. Exploitation details are not ...

The numerous vulnerabilities in the API interface of the WADashboard component of the Advantech WebAccess software allow a perpetrator to write or overwrite any files in the file system.

The multiple vulnerabilities of the API interface of the WADashboard component in the Advantech WebAccess remote monitoring software are related to deficiencies in path validation before its use in file operations. Exploiting these vulnerabilities could allow a malicious actor to read arbitrary...

The vulnerability of the centralized service for supporting information about configuration, naming, distributed synchronization, and providing group services in Apache ZooKeeper makes it possible for a attacker to write arbitrary files to the operating system of the vulnerable device.

The vulnerability of the centralized service for supporting information about configuration, naming, distributed synchronization, and providing group services in Apache ZooKeeper exists due to the lack of authentication when joining a quorum. Exploiting this vulnerability allows an attacker to...

Samba CVE-2019-10218 Path Traversal Arbitrary File Write Vulnerability

Description Samba is prone to an arbitrary file write vulnerability. Successful exploits may allow an attacker to write arbitrary files to the affected system. This may aid in further attacks. Technologies Affected Samba Samba 3.4.0 Samba Samba 3.4.1 Samba Samba 3.4.10 Samba Samba 3.4.11 Samba...

UBUNTU-CVE-2019-11482

Sander Bos discovered a time of check to time of use TOCTTOU vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories...

Cisco TelePresence Collaboration Endpoint Software Arbitrary File Write Vulnerability

Cisco TelePresence is a Cisco TelePresence solution. A security vulnerability exists in Cisco TelePresence Collaboration Endpoint CE versions prior to 9.8.1 due to an improperly assigned privilege. The vulnerability can be exploited by an attacker to write to files in the /root directory by loggi...