7208 matches found
CVE-2011-3204
hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink attack on 1 /tmp/hammer.log aka the HHLOG file or 2 the REPORTLOG file...
dedecms织梦 标签远程文件写入漏洞
No description provided by source. 前题条件,必须准备好自己的dede数据库,然后插入数据: insert into dedemytagaid,normbody values1,''dede:php$fp = @fopen"1.php", ''a'';@fwrite$fp, '''';echo "OK";@fclose$fp;/dede:php''; 再用下面表单提交,shell 就在同目录下 1.php。原理自己研究。。。 form action="" method="post" name="QuickSearch"...
CVE-2011-3007
The myCIOScn ActiveX control myCIOScn.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing...
ZyWALL USG Appliance Arbitrary File Read / Write
Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...
DEBIAN-CVE-2010-4765
Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System OTRS before 2.4.8 allows remote authenticated users to corrupt the TicketCounter.log data in opportunistic circumstances by creating tickets...
Foxit PDF Reader 4.2 Javascript File Write
Exploit for windows platform in category local exploits $Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
Foxit PDF Reader 4.2 Javascript File Write
This module exploits an unsafe Javascript API implemented in Foxit PDF Reader version 4.2. The createDataObject Javascript API function allows for writing arbitrary files to the file system. This issue was fixed in version 4.3.1.0218. Note: This exploit uses the All Users directory currently, whi...
Foxit PDF Reader 4.2 - JavaScript File Write (Metasploit)
$Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Foxit PDF Reader 4.2 Javascript File Write
$Id: foxitreaderfilewrite.rb 11955 2011-03-14 12:01:55Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
DEBIAN-CVE-2010-4651
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. dot dot or full pathname, a related issue to CVE-2010-1679...
DEBIAN-CVE-2011-0017
The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...
Free CD To MP3 Converter 3.1 Buffer Overflow
Exploit Title: Free CD to MP3 Converter 3.1 Buffer Overflow Exploit SEH Date: 10/18/10 Credit/Bug found by: C4SS!0 G0M3S Software Link: http://www.eusing.com/Download/cdtomp3freeware.exe Version: 3.1 Tested on: Windows XP SP3 EN VMWARE FUSION - Version 3.1.1 CVE: N/A ! /usr/bin/env ruby filename ...
AT-TFTP Server 1.8 Directory Traversal
/ / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / ,tftp Transfers files to and from a remote computer running the TFTP service. TFTP -i host GET | PUT source destination -i Specifies binary image transfer mode also called octet. In binary image mode the file is moved...
Quick-Player
Quick Player is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. This version affects Quick Player 2.3.x import sys...
Directory Traversal Vulnerability in AnyConnect
Vulnerability ID: HTB22629 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinanyconnect.html Product: AnyConnect Vendor: AnyConnect http://www.anyconnect.net Vulnerable Version: 1.2.3.0 and Probably Prior Versions Vendor Notification: 27 September 2010 Vulnerability Type...
Directory Traversal Vulnerability in CrossFTP Pro
Vulnerability ID: HTB22624 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityincrossftppro.html Product: CrossFTP Pro Vendor: CrossFTP Software http://www.crossftp.com Vulnerable Version: 1.65a and Probably Prior Versions Vendor Notification: 27 September 2010 Vulnerabilit...
FTPx Corp FTP Explorer Directory Traversal Vulnerability
FTPx Corp FTP Explorer is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3103
Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.05, and probably earlier versions, allows remote FTP servers to write arbitrary files via a ".." dot dot backslash in a filename...
Directory Traversal Vulnerability in TurboFTP Server
Vulnerability ID: HTB22514 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinturboftpserver.html Product: TurboFTP Server Vendor: TurboSoft, Inc http://turboftp.com/ Vulnerable Version: 1.20 Build 745 and Probably Prior Versions Vendor Notification: 19 July 2010...
Directory Traversal in SmartFTP
Vulnerability ID: HTB22525 Reference: http://www.htbridge.ch/advisory/directorytraversalinsmartftp.html Product: SmartFTP Vendor: SmartSoft Ltd http://www.smartftp.com/ Vulnerable Version: 4.0.1124.0 32 and 64 bit and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type:...