231 matches found
WordPress Tera Charts Plugin - Remote Path Traversal File Disclosure
Tera Charts plugin's zoomabletreemap.php "fn" parameter is prone to remote path traversal file disclosure vulnerability that allow an attacker to get potentially sensitive information. Other attacks are also possible. Solution Update the plugin...
CVE-2013-7060
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope...
Agnitum Outpost Internet Security Local Privilege Escalation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
Open-Xchange Server 6 - Multiple Vulnerabilities
Open-Xchange Server 6 - Multiple Vulnerabilities Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof...
Open-Xchange Server 6 - Multiple Vulnerabilities
Exploit for php platform in category web applications Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof...
Setuid Nmap Exploit
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
CVE-2012-3838
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to 1 admin/templates/babygekko/index.php or 2 templates/html5demo/index.php...
CVE-2008-2723
CVE-2008-2723 affects embed.php in Menalto Gallery (pre-2.2.5). Remote attackers can obtain the full server path via unknown vectors related to spoofing the remote address, exposing server file paths and potentially aiding further exploitation. The CVSS2 base score is 5.0 (Medium) with partial co...
Core Security Technologies Advisory 2008.0123
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Leopard Server Remote Path Traversal Advisory Information Title: Leopard Server Remote Path Traversal Advisory ID: CORE-2008-0123 Advisory URL:...
Leopard Server Remote Path Traversal
Advisory ID Internal CORE-2008-0123 Advisory Information Title: Leopard Server Remote Path Traversal Advisory ID: CORE-2008-0123 Date published: 2008-03-18 Date of last update: 2008-03-18 Vendors contacted: Apple Inc. Release mode: Coordinated release Vulnerability Information Class: Remote Path...
Core Security Technologies Advisory 2008.0204
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Timbuktu Pro Remote Path Traversal and Log Injection Advisory Information Title: Timbuktu Pro Remote Path Traversal and Log Injection Advisory ID: CORE-2008-0204...
Timbuktu Pro Remote Path Traversal and Log Injection
Timbuktu Pro Remote Path Traversal and Log Injection Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs-research Advisory Information Title: Timbuktu Pro Remote Path Traversal and Log Injection Advisory ID: CORE-2008-0204 Advisory URL:...
Motorola Timbuktu Pro 8.6.58.7 - Directory Traversal Log Injection
Motorola Timbuktu Pro 8.6.58.7 - Directory Traversal Log Injection Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Title: Timbuktu Pro Remote Path Traversal and Log Injection Advisory ID: CORE-2008-0204 Advisory URL:...
Motorola Timbuktu Pro 8.6.5/8.7 - Directory Traversal / Log Injection
Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Title: Timbuktu Pro Remote Path Traversal and Log Injection Advisory ID: CORE-2008-0204 Advisory URL: http://www.coresecurity.com/?action=item&id=2166 Date published: 2008-03-11 Date of last update: 2008-03-11...
backupexec-upload.txt
File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008...
Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload
Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008. milw0rm.com 2008-02-07...
Kiwi CatTools TFTP <= 3.2.8 Remote Path Traversal Vulnerability
No description provided by source. Path traversal security vulnerability in Kiwi CatTools TFTP up to 3.2.8 server can lead to information disclosure and remote code execution Risk: High DISCUSSION Kiwi CatTools TFTP server doesn.t properly verify filename in PUT and GET request which can be used ...
CVE-2006-0794
help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2005-3689
post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action...
solaris_lpd_unlink.pm.txt
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...