707 matches found

CNVD
added 2015/01/14 12:00 a.m., 1 view

Codiad path directory traversal vulnerability

Codiad is an open source Web-based IDE application for writing and editing code online. A directory traversal vulnerability exists in Codiad components/filemanager/download.php, which allows an attacker to read the contents of arbitrary files via the path parameter...

CVSS 5, AI score 7.2, EPSS 0.11619
Exploits 4, References 1
Prion
added 2014/08/22 2:55 p.m., 15 views

Directory traversal

Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter...

CVSS 5, AI score 7.2, EPSS 0.48269
Exploits 1, References 4, Affected Software 1
Cvelist
added 2014/08/22 2:00 p.m., 19 views

CVE-2014-5368

Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter...

AI score 9.3, EPSS 0.48269
Exploits 1, References 4
WPVulnDB
added 2014/08/01 10:59 a.m., 15 views

XEN Carousel < 0.12.2 - XSS vulnerabilities in xencarousel-admin.js.php via path or ajaxpath parameter

The xen-carousel WordPress plugin was affected by an XSS vulnerability in xencarousel-admin.js.php via the path or ajaxpath parameter...

CVSS 4.3, AI score 3.6, EPSS 0.00174
Exploits 1, References 1, Affected Software 1
Prion
added 2014/07/31 2:55 p.m., 7 views

Directory traversal

Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) addheaders.php or (2) minify.php...

CVSS 5, AI score 7.5, EPSS 0.00401
Exploits 1, References 5, Affected Software 1
NVD
added 2014/07/02 6:55 p.m., 9 views

CVE-2014-4529

Cross-site scripting (XSS) vulnerability in fpgpreview.php in the Flash Photo Gallery plugin 0.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter...

CVSS 4.3, AI score 5.9, EPSS 0.00174
Exploits 1, References 1
seebug.org
added 2014/07/01 12:00 a.m., 11 views

Bloq 0.5.4 admin.php page[path] Parameter Remote File Inclusion

No description provided by source. Source: http://www.securityfocus.com/bid/20512/info Bloq is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and the...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:00 a.m., 14 views

ezUpload 2.2 customize.php path Parameter Remote File Inclusion

No description provided by source. Source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

AI score 7.1
Exploits 0
UbuntuCve
added 2014/06/04 2:55 p.m., 17 views

CVE-2012-5057

CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter...

CVSS 4.3, AI score 6, EPSS 0.00345
Exploits 0, References 2
Prion
added 2014/06/04 2:55 p.m., 15 views

CRLF injection

CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter...

CVSS 4.3, AI score 7.4, EPSS 0.00345
Exploits 0, References 1, Affected Software 1
RedHat Linux
added 2014/05/21 3:45 p.m., 4 views

tomcat: session fixation still possible with disableURLRewriting enabled

It was found that previous fixes in Tomcat 6 to path parameter handling introduced a regression that caused Tomcat to not properly disable URL rewriting to track session IDs when the disableURLRewriting option was enabled. A man-in-the-middle attacker could potentially use this flaw to hijack a...

CVSS 4.3, AI score 7.3, EPSS 0.12482
Exploits 1, References 5
NVD
added 2014/05/21 2:55 p.m., 14 views

CVE-2014-3808

Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name parameter to user.lsp, (3) path parameter to wizard/setuser.lsp, (4) host parameter to tunnelconstr.lsp, or (5)...

CVSS 4.3, AI score 5.8, EPSS 0.00256
Exploits 1, References 4
Cvelist
added 2014/05/21 2:00 p.m., 15 views

CVE-2014-3806

Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xmlpath parameter...

AI score 6.6, EPSS 0.11359
Exploits 1, References 5
seebug.org
added 2014/02/27 12:00 a.m., 68 views

Apache Tomcat session fixation vulnerability

Bugtraq ID: 65769 CVE ID: CVE-2014-0033 Apache Tomcat is an open source JSP application server. A regression introduced by the fix for path parameter handling can lead to a session fixation attack even when disableURLRewriting is enabled, allowing remote attackers to exploit the vulnerability to gain unauthorized access to the application. Apache Tomcat 6.0.0 - 6.0.37 Vendor patch: Apache ----- Apache Tomcat 6.0.39 has fixed this vulnerability; users are advised to download the update: http://tomcat.apache.org/...

CVSS 4.3, AI score 8.1, EPSS 0.12482
Exploits 1
RedHat Linux
added 2014/01/22 6:31 p.m., 4 views

Heat: ReST API doesn't respect tenant scoping

The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified tenantid in the request path...

CVSS 4, AI score 5.8, EPSS 0.0017
Exploits 2, References 4
NVD
added 2013/06/14 1:07 p.m., 11 views

CVE-2013-3575

hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...

CVSS 5, AI score 6.8, EPSS 0.25
Exploits 0, References 1
Patchstack
added 2013/05/15 12:00 a.m., 12 views

WordPress WP FileManager Plugin "path" Parameter - Arbitrary File Download

WP FileManager plugin's "path" parameter is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files within the context of the web server process. Solution: Update the plugin...

AI score 3.4
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2013/03/04 12:00 a.m., 18 views

airVision NVR path Parameter Traversal Arbitrary File Access

The remote web server hosts airVision NVR, an application used to remotely monitor IP cameras. The installed version of airVision NVR fails to properly sanitize user-supplied input to the 'path' parameter of the 'views/file.php' script. This could allow an unauthenticated, remote attacker to read...

AI score 6.1
Exploits 0, References 1
Atlassian
added 2013/01/02 4:17 a.m., 31 views

Reflected XSS in the jira-gadgets-plugin getLabelGroups REST resource

The jira-gadgets-plugin LabelsResource class exposes a getLabelGroups REST resource that is vulnerable to reflected XSS through the user supplied 'project' path parameter. The vulnerability is caused by building an error response message with a content type of text/html and not HTML encoding the...

AI score 0.2
Exploits 0, Affected Software 1