31 matches found
Mozilla: Symlinks may resolve to partially uninitialized buffers
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer...
GlassWire 代码注入漏洞
GlassWire is a firewall software. A code injection vulnerability exists in GlassWire version 2.1.167, which arises from arbitrary code execution from a file in a user's path when the program is first executed...
Obfuscator - The Program Is Designed To Obfuscate The Shellcode
The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1 XOR 2 AES The tool accepts shellcode in 4 formats. 1 base64 2 hex 3 c 4 raw Command Line Usage Usage Description ----- ----------- /f Specify the format of the shellcode base64 hex c raw /enc Specify t...
PT-2020-6992 · Python +1 · Python +1
Name of the Vulnerable Software and Affected Versions: Python version 3.8.4 Description: The issue is related to the python38. pth file, where sys.path restrictions are ignored, allowing code to be loaded from arbitrary locations. This could potentially enable a remote attacker to execute arbitra...
FineCms 免费版任意文件上传漏洞
路径:dayrui/libraries/Chart/ofcuploadimage.php $defaultpath = '../tmp-upload-images/'; if !fileexists$defaultpath mkdir$defaultpath, 0777, true; $destination = $defaultpath . basename $GET 'name' ; echo 'Saving your image to: '. $destination; $jfh = fopen$destination, 'w' or die"can't open file";...
Immunity Debugger 1.85 - Crash PoC
Exploit for windows platform in category dos / poc Title: Immunity Debugger - Crash Date: 08/07/2015 Author: Arsyntex Vendor Homepage: http://www.immunityinc.com/products/debugger/ Version: v1.85 Tested on: Windows 8.1 Pro Incorrect path/file EXtEnsion parsing. -Create folder with the name:...
Design/Logic Flaw
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope...
PT-2012-1885 · Wikkawiki · Wikkawiki
Name of the Vulnerable Software and Affected Versions: WikkaWiki versions 1.3.1 through 1.3.2 Description: The issue allows remote attackers to write arbitrary PHP code to the spamlog path file via the User-Agent HTTP header in an addcomment request when the spam logging option is enabled. The...
vbShout 5.2.2 Remote/Local File Inlcusion Vulnerability
Exploit for php platform in category web applications ======================================================= vbShout 5.2.2 Remote/Local File Inlcusion Vulnerability ======================================================= + + Title: vbShout 5.2.2 Remote/Local File Inlcusion Mod/Admin + Author:...
PcP-Guestbook 3.0 - lang Local File Inclusion
PcP-Guestbook 3.0 - lang Local File Inclusion .-""""""""-. / Dj7xpl \ | | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^ \|IIIIII|/ @8@8 / \ / @ +Iranian Are The Best In World+ Portal.......: PcP-Book 3.0 Site.........: http://www.pcp-system.at Down.........: http://www.ectona.org/download/?id=621&s=info...
Info-Zip buffer overflow
Buffer overflow on oversized path file comperssing...