
8763 matches found

securityvulns
added 2007/03/14 12:0 a.m. · 42 views

unrarlib library buffer overflow

Buffer overflow in urarlibget function on oversized filename...

10 CVSS · 5.2 AI score · 0.03366 EPSS
Exploits 0 · References 1 · Affected Software 1

securityvulns
added 2007/03/14 12:0 a.m. · 23 views

minigzip utility buffer overflow

Buffer overflow on oversized filename...

7.5 CVSS · 4.1 AI score · 0.04673 EPSS
Exploits 1 · References 1 · Affected Software 1

OSV
added 2007/03/10 6:19 p.m. · 7 views

CVE-2007-1384

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename...

6.5 AI score
Exploits 0 · References 15

UbuntuCve
added 2007/03/10 6:19 p.m. · 29 views

CVE-2007-1384

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename...

6.4 CVSS · 6.1 AI score · 0.02483 EPSS
Exploits 0 · References 2

Prion
added 2007/03/10 6:19 p.m. · 24 views

Directory traversal

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename...

6.4 CVSS · 6.6 AI score · 0.02483 EPSS
Exploits 0 · References 15 · Affected Software 1

Positive Technologies
added 2007/03/06 12:0 a.m. · 3 views

PT-2007-1411 · Php · Upload Tool For Php

Name of the Vulnerable Software and Affected Versions: Upload Tool for PHP version 1.0 Description: The issue allows remote attackers to read arbitrary files via directory traversal attacks using ".." sequences or absolute pathnames in the filename parameter of the /upload/bin/download.php API...

5 CVSS · 7 AI score · 0.02756 EPSS
Exploits 1 · References 7

Prion
added 2007/03/05 8:19 p.m. · 13 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename...

4.3 CVSS · 6 AI score · 0.00617 EPSS
Exploits 0 · References 7 · Affected Software 2

Cvelist
added 2007/03/03 7:0 p.m. · 27 views

CVE-2007-1235

Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file...

7.1 AI score · 0.0147 EPSS
Exploits 1 · References 3

Positive Technologies
added 2007/03/03 12:0 a.m. · 2 views

PT-2007-1383 · Smarty · Smarty

Name of the Vulnerable Software and Affected Versions: Smarty version 2.6.9 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter in the libs/Smarty.class.php file. This is a PHP remote file inclusion issue. Note that the original...

9.8 CVSS · 7.6 AI score · 0.01735 EPSS
Exploits 1 · References 7

ATTACKERKB
added 2007/03/02 9:18 p.m. · 1 views

CVE-2007-1140

Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter...

9.4 CVSS · 5.8 AI score · 0.02958 EPSS
Exploits 1 · References 5

Prion
added 2007/03/02 9:18 p.m. · 14 views

Directory traversal

Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a .. (dot dot) in the filename parameter...

9.4 CVSS · 7.1 AI score · 0.02958 EPSS
Exploits 1 · References 4

CVE
added 2007/02/27 6:0 p.m. · 43 views

CVE-2007-1140

The CVE-2007-1140 entry describes a directory traversal vulnerability in edit.php of the pheap application, where an attacker can supply a filename containing .. to read and modify arbitrary files. Affected component: pheap (edit.php). Root cause: improper validation of the filename parameter all...

9.4 CVSS · 6.7 AI score · 0.02958 EPSS
Exploits 1 · References 4 · Affected Software 1

Prion
added 2007/02/26 5:28 p.m. · 15 views

Unrestricted file upload

Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool inc/lib/attachment.lib.php in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation. NOTE: some details were obtained fro...

10 CVSS · 8.1 AI score · 0.02237 EPSS
Exploits 0 · References 5 · Affected Software 1

Cvelist
added 2007/02/26 5:0 p.m. · 21 views

CVE-2007-1097

Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool inc/lib/attachment.lib.php in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation. NOTE: some details were obtained fro...

7.6 AI score · 0.02237 EPSS
Exploits 0 · References 5

NVD
added 2007/02/22 11:28 p.m. · 14 views

CVE-2007-1080

Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command...

7.8 CVSS · 6.8 AI score · 0.03602 EPSS
Exploits 1 · References 6

Prion
added 2007/02/21 5:28 p.m. · 13 views

Design/Logic Flaw

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2...

5 CVSS · 7.2 AI score · 0.08536 EPSS
Exploits 1 · References 6 · Affected Software 1

NVD
added 2007/02/21 5:28 p.m. · 17 views

CVE-2007-1044

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2...

5 CVSS · 6.7 AI score · 0.08536 EPSS
Exploits 1 · References 6

Cvelist
added 2007/02/21 5:0 p.m. · 23 views

CVE-2007-1044

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2...

6.7 AI score · 0.08536 EPSS
Exploits 1 · References 6

Exploit DB
added 2007/02/08 12:0 a.m. · 32 views

SAP Web Application Server 6.40 - Arbitrary File Disclosure

#!/usr/bin/perl -w SAP 'enserver.exe' file downloader Tested on "SAP Web Application Server Java 6.40" eval DVD Found & coded by Nicob The downloaded file is limited to the first 32 kilobytes Usual port : TCP/3200+SYSNR Example : ./r3-stealer-1.0.pl 192.168.2.22 3201 "c:\boot.ini" From MSDN Win2K...

7.4 AI score
Exploits 0

OSV
added 2007/02/06 2:28 a.m. · 1 views

DEBIAN-CVE-2007-0454

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...

7.5 CVSS · 7.9 AI score · 0.06412 EPSS
Exploits 1 · References 1