104 matches found
Looking Glass 20040427 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14682/info Looking Glass may be exploited to execute arbitrary commands. An attacker can prefix arbitrary commands with the '|' character, supply them through a URI parameter and have them executed in the context of the...
cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cgi' script. An attack...
Simple E-Document upload Remote Code Execution
A remote code execution vulnerability has been found in Simple E-Document. The vulnerability is due to the access cookie which could be abused to bypass authentication. A remote attacker can exploit this weakness to upload malicious PHP files which could result in arbitrary code execution in the...
Fedora 18 : mod_nss-1.0.8-27.fc18 (2013-22786)
A flaw was found in the way NSSVerifyClient was handled when used in both server / vhost context as well as directory context specified either via or directive. If 'NSSVerifyClient none' was set in the server / vhost context i.e. when server is configured to not request or require client...
UBUNTU-CVE-2013-4566
modnss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions...
mod_nss: incorrect handling of NSSVerifyClient in directory context
modnss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions...
Apache Struts URL and Anchor tag includeParams OGNL Command Execution (CVE-2013-1966; CVE-2013-2115)
The url/a tags resolve every parameter passed to them, allowing arbitrary OGNL expressions encoded into the URL to be evaluated bypassing both Struts and OGNL library protections. Successful exploitation will allow an attacker to execute arbitrary commands in the context of the server...
Drupal Video Module 任意PHP代码执行漏洞
BUGTRAQ ID: 57525 Drupal是一款开源的内容管理平台。 Drupal Video 7.x-2.x模块存在任意PHP代码执行漏洞,攻击者可利用此漏洞在Web服务器上下文中执行任意PHP代码。 0 Drupal Video module 厂商补丁: Drupal ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://drupal.org/project/video...
Narcissus Image Configuration Passthru Vulnerability
This module exploits a vulnerability found in Narcissus image configuration function. This is due to the backend.php file not handling the $release parameter properly, and then passes it on to the configureimage function. In this function, the $release parameter can be used to inject system...
AVA VoIP - Multiple Vulnerabilities
AVA VoIP - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/54591/info AVA VoIP is prone to multiple security vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of a...
IpTools 0.1.4 - Tiny TCP/IP servers Directory Traversal
source: https://www.securityfocus.com/bid/51311/info IpTools Tiny TCP/IP servers is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input submitted to its web interface. Exploiting this issue will allow an attacker to view arbitrary files withi...
BMC Dashboards 7.6.01 - Cross-Site Scripting / Information Disclosure
source: https://www.securityfocus.com/bid/47731/info BMC Dashboards is prone to to multiple information-disclosure and cross-site scripting issues because the application fails to properly sanitize user-supplied input. A remote attacker may leverage the cross-site scripting issues to execute...
PostgreSQL Plus Advanced Server DBA Management Server Remote Authentication Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Postgres Plus Advanced Server DBA Management Server. Authentication is not required to exploit this vulnerability. The flaw exists within the DBA Management Server component which listens by defaul...
Mongoose Web Server <= 2.8 Slash Character Remote File Disclosure Vulnerability
Mongoose Web Server is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to 1 LayoutQueue, 2 Cursor.predefined, 3...
Microsoft SQL Server 2000 sp_replwritetovarbin privilege escalation
It's possible to overwrite process internal data and execute code in server context...
Bugzilla 3.1.4 - --attach_path Directory Traversal
Bugzilla 3.1.4 - --attachpath Directory Traversal source: https://www.securityfocus.com/bid/30661/info Bugzilla is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrar...
Campsite 2.6.1 - 'SubscriptionSection.php?g_documentRoot' Remote File Inclusion
source: https://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier versions may also be affected...
CuteNews 1.4.1 - 'show_archives.php' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/15295/info CuteNews is affected by a directory traversal vulnerability. An unauthorized attacker can retrieve or upload arbitrary files by supplying directory traversal strings '../' through an affected URI parameter. Exploitation of this vulnerability...
Merak Mail Server 8.2.4 r - Arbitrary File Deletion
source: https://www.securityfocus.com/bid/14988/info Merak Mail Server is affected by an arbitrary file deletion vulnerability. This issue arises due to an input validation error allowing an attacker to delete files in the context of the Web server running the application. An attacker can exploit...