CVE-2015-5313

Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storagebackendfs.c in libvirt, when fine-grained Access Control Lists ACL are in effect, allows local users with storagevol:create ACL but not domain:write permission to write to arbitrary files via ...

CVE-2016-0784

Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. dot dot in a ZIP archive entry...

Arbitrary File Write

Overview Affected versions of cli use predictable temporary file names. If an attacker can create a symbolic link at the location of one of these temporarly file names, the attacker can arbitrarily write to any file that the user which owns the cli process has permission to write to. Proof of...

Apache OpenMeetings OpenMeetings Administration Menu Directory Traversal Vulnerability

Apache OpenMeetings is the United States Apache Apache Software Foundation developed a set of multi-language customizable video conferencing and collaboration system, which supports audio, video and allows users to view each participant's desktop and so on. A directory traversal vulnerability...

MGASA-2016-0104 Updated pigz packages fix security vulnerability

Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a full pathname or .. dot dot in an archive CVE-2015-1191...

CactiEZ plugin weathermap arbitrary file write vulnerability

Cacti is a set of PHP, MySQL, SNMP and RRDTool based on the development of graphical analysis of network traffic monitoring tools.Weathermap is cacti in one of the most used plug-ins , you can use it to draw a network topology map . The CactiEZ plugin weathermap has an arbitrary file write...

OCS Inventory NG 2.2 - SQL Injection

OCS Inventory NG 2.2 - SQL Injection Exploit Title: OCS Inventory NG /ocsreports/index.php?function=visusearch - Time-based SQL Injection Choose a parameter, use EXACTLY operator: ' union select sleep5; - Code execution Bypass input escape and write to filesystem webshell PoC: ' union select...

OCS Inventory NG 2.2 - SQL Injection

Exploit for php platform in category web applications Exploit Title: OCS Inventory NG /ocsreports/index.php?function=visusearch - Time-based SQL Injection Choose a parameter, use EXACTLY operator: ' union select sleep5; - Code execution Bypass input escape and write to filesystem webshell PoC: '...

OCS Inventory NG 2.2 - SQL Injection

Exploit Title: OCS Inventory NG /ocsreports/index.php?function=visusearch - Time-based SQL Injection Choose a parameter, use EXACTLY operator: ' union select sleep5; - Code execution Bypass input escape and write to filesystem webshell PoC: ' union select CONCATchar60,char63,'php echo...

CVE-2016-1505

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore...

Haxx cURL Arbitrary File Write Vulnerability

Haxx cURL is a set of file transfer tools from the Swedish company Haxx that utilize URL syntax to work at the command line. A security vulnerability exists in Haxx cURL versions prior to 7.47.0 for Windows platforms, which can be exploited to write arbitrary files in the current working director...

CVE-2016-0754

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name...

CVE-2016-0754

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name...

CVE-2016-0754

cURL before 7.47.0 on Windows allows attackers to write to arbitrary files in the current working directory on a different drive via a colon in a remote file name...

CVE-2016-0754

The issue CVE-2016-0754 affects the cURL command line tool for Windows prior to 7.47.0. A lack of data sanitization allows an attacker to write arbitrary files in the current working directory on a different drive when a colon appears in a remote file name, exploitable on Windows (where colons de...

Digital Paradise Mobile Office Middleware Interface Arbitrary File Write Vulnerability

Digital Paradise's MKey3G mobile office middleware is an enterprise-oriented application BYOD middleware platform, which has been widely used in energy, finance, government and enterprises. There is an arbitrary file writing vulnerability in the interface of Digital Paradise's mobile office...

commons-fileupload: Arbitrary file upload via deserialization

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...

CVE-2016-0727

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to...

UBUNTU-CVE-2016-0727

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to...

Unrestricted file upload

Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors...