CVE-2014-9282

Directory traversal vulnerability in the Speed Root Explorer application before 3.2 for Android and the Speed Explorer application before 2.2 for Android allows remote attackers to write to arbitrary files via a crafted filename...

DEBIAN-CVE-2015-1589

Directory traversal vulnerability in arCHMage 0.2.4 allows remote attackers to write to arbitrary files via a .. dot dot in a CHM file...

Rsync Arbitrary File Write Vulnerability

rsync is a data mirroring backup application for Unix-like systems developed by Australian software developers Andrew Tridgell and Paul Mackerras that synchronizes file and directory updates between two computers and uses differential encoding to reduce data transfers. An arbitrary file write...

DEBIAN-CVE-2015-1197

cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive...

CVE-2014-1831

Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on 1 controlprocess.pid or a 2 generation- file...

CVE-2014-1832

CVE-2014-1832 affects Phusion Passenger 4.0.37 and is caused by insecure handling of temporary files, enabling a local attacker to perform a symbolic/link attack on (1) control_process.pid or (2) generation-* files. This allows writing to certain files/directories with local access. The issue ari...

齐博CMS某处任意文件写入getshell（需要一定权限）

简要描述： 一个二次操作造成的任意文件写入。需要一定权限，自评为鸡肋。作为一个诚实的孩子，是怎样就怎样，我会把问题说的很清楚以避免误会哦 详细说明： 只拿整站做说明，下载最新版本。 /inc/function.inc.php 1507行 //自定义内容页文件名缓存生成 function getshowhtmltype global $db,$pre,$Fiddb; $query = $db-query"SELECT aid,htmlname FROM $prearticle WHERE htmlname!=''"; while$rs = $db-fetcharray$query...

u5CMS 'u5admin/deletefile.php' directory traversal vulnerability

u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. A directory traversal vulnerability exists in the u5CMS...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2014-9512

CVE-2014-9512 affects rsync 3.1.1, enabling a remote attacker to write arbitrary files via a symlink attack during synchronization. The vulnerability is caused by improper handling of symlinks in the transfer/path, allowing modification of files on the target host. Multiple connected sources refe...

UBUNTU-CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

VMware Workstation 10.x < 10.0.5 Multiple Vulnerabilities (VMSA-2015-0001) (Linux)

The version of VMware Workstation installed on the remote host is version 10.x prior to 10.0.5. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw exists that allows a local attacker to escalate privileges or cause a denial of service via an arbitrary write to a...

VMware ESXi updates address security issues (VMSA-2015-0001)

VMware ESXi address several security issues. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-8370

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service arbitrary write to a file by modifying a configuration file...

WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00815)

The Pixabay Images plugin is a plugin that supports the insertion of selected CC0 public domain photos from Pixabay an image material sharing network anywhere in the blog. An arbitrary file write vulnerability exists in versions of the WordPress plugin Pixabay Images prior to 2.4, which allows...

WordPress plugin Pixabay Images arbitrary file write vulnerability (CNVD-2015-00817)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...

WordPress Plugin Pixabay Images Directory Traversal Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Pixabay Images is one of the support for selecting photos from Pixabay image material sharing network in the CC0...