CVE-2014-0600

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287...

CVE-2014-0600

The CVE-2014-0600 issue affects Novell GroupWise 2014 Administration Service, specifically the FileUploadServlet. The vulnerability arises from how the poLibMaintenanceFileSave parameter is handled, enabling directory traversal that allows remote attackers to read or write arbitrary files on the ...

CVE-2014-0600

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287...

Code injection

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287...

Novell Groupwise Administration Server FileUploadServlet poLibMaintenanceFileSave Information Disclosure Vulnerability

This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Novell Groupwise. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of the poLibMaintenanceFileSave parameter within the FileUploadServlet...

Oracle Event Processing FileUploadServlet Arbitrary File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Oracle Event Processing FileUploadServlet Arbitrary File Upload', 'Description' = %q This module exploits an Arbitrary File Upload...

Oracle Event Processing FileUploadServlet Arbitrary File Upload

This module exploits an arbitrary file upload vulnerability in Oracle Event Processing 11.1.1.7.0. The FileUploadServlet component, which requires no authentication, can be abused to upload a malicious file onto an arbitrary location due to a directory traversal flaw, and compromise the server. B...

Oracle Event Processing FileUploadServlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Event Processing. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet class. The class contains a method that does not properl...

Cisco Prime Data Center Network Manager FileUploadServlet Arbitrary File Upload (CVE-2013-5486; CVE-2019-1620)

An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager. The vulnerability is due to lack of authentication and insufficient input validation in the FileUploadServlet when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...

Cisco Data Center Network Manager fileUploadServlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet. Multiple arguments of a multipart form reques...