703 matches found
Twilight CMS DeWeS Web Server <= 0.4.2 Directory Traversal Vulnerability - Active Check
Twilight CMS with DeWeS Web Server is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
Open and Compact FTPD <= 1.2 Multiple Vulnerabilities - Active Check
Open and Compact FTPD server is prone to authentication bypass and directory traversal vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
Important: Red Hat Security Advisory: tomcat5 and tomcat6 security update
Updated tomcat5 and tomcat6 packages that fix one security issue are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS)...
CVE-2013-3508
html/System-Files.php in the System File Overview feature in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands via vectors involving file editing...
CVE-2013-3508
The CVE-2013-3508 entry affects GroundWork Monitor Enterprise 6.7.0 (NeDi component). The vulnerability exists in html/System-Files.php within the System File Overview feature, allowing remote authenticated users to execute arbitrary commands via vectors involving file editing. Base score is 6.5 ...
Multiple Android devices vulnerable to denial-of-service (DoS)
Overview: Multiple Android devices contain a denial-of-service (DoS) vulnerability. Multiple Android devices contain an issue when referencing a specific system area, which may lead to a denial-of-service (DoS). Tsukasa Oi of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA...
Mandrake Linux Security Advisory : man (MDKSA-2000:015)
Internet Security Systems (ISS) X-Force has identified a vulnerability in the makewhatis Bourne shell script that ships with many Linux distributions. It is found in versions 1.5e and higher of man, and handles temporary files insecurely. Local users may gain a variety of privileges depending on th...
Novell Sentinel Log Manager <= 1.2.0.1 Directory Traversal
Exploit for php platform in category web applications Exploit Title: Novell Sentinel Log Manager directory traversal Date: 2011-12-18 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.novell.com/ Version: = 1.2.0.1 Tested on: Sentinel Log Manager Appliance 1.2.0.1 CVE: 2011-5028 The late...
QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections
QNAP Turbo NAS TS-1279U-RP - Multiple Path Injections Exploit Title: QNAP Turbo NAS Multiple Path Injection Date: 2012-09-04 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.qnap.com/ Version: = 3.7.3 build 20120801 Tested on: QNAP TS-1279U-RP This vulnerability has been discovered on...
QNAP Turbo NAS 3.7.3 File Disclosure
Exploit for hardware platform in category web applications Vulnerability: Multiple Path Injection Product: QNAP Turbo NAS Vendor: QNAP Version affected: = 3.7.3 build 20120801 Status: Unpatched Website: http://web.qnap.com/prodetailfeature.asp?pid=202 Discovered by: Andrea Fabrizi Email:...
Checkpoint Abra Multiple Vulnerabilities
Exploit for windows platform in category local exploits Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Summary: Check...
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities
Document Title: Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities References Source: http://www.vulnerability-lab.com/getcontent.php?id=487 Release Date: 2012-03-31 Vulnerability Laboratory ID VL-ID: 487...
Novell Sentinel Log Manager 1.2.0.1 Directory Traversal
Vuln: Path Traversal Application: Sentinel Log Manager Vendor: Novell Version affected: = 1.2.0.1 Website: http://www.novell.com/products/sentinel-log-manager/ Discovered By: Andrea Fabrizi Web: http://www.andreafabrizi.it The latest version of Sentinel Log Manager...
novell sentinel log manager 1.2.0.1 - Directory Traversal
novell sentinel log manager 1.2.0.1 - Directory Traversal Exploit Title: Novell Sentinel Log Manager directory traversal Date: 2011-12-18 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.novell.com/ Version: = 1.2.0.1 Tested on: Sentinel Log Manager Appliance 1.2.0.1 CVE: 2011-5028 The...
novell sentinel log manager 1.2.0.1 - Directory Traversal
Exploit Title: Novell Sentinel Log Manager directory traversal Date: 2011-12-18 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.novell.com/ Version: = 1.2.0.1 Tested on: Sentinel Log Manager Appliance 1.2.0.1 CVE: 2011-5028 The latest version of Sentinel Log Manager is prone to a...
openvas 2.x race condition
openvas-server/openvas/ovalplugins.c ... resultsfilename = "/tmp/results.xml"; if gfiletest resultsfilename, GFILETESTEXISTS logwrite "Found existing results file in s, deleting it to avoid conflicts.", resultsfilename; it unlink /tmp/results.xml avoid symlink attack then spawn process that write...
myDBLite 1.1.10 For iPhone / iPod Touch Directory Traversal
Exploit Title : myDBLite v1.1.10 for iPhone / iPod touch, Directory Traversal Date: 02/24/2011 Author: R3d@l3rt, Sp@2K, Sp@2K, Sunlight, H@ckk3y Software Link: http://itunes.apple.com/kr/app/mydb-lite/id335521112?mt=8 Version: 1.1.10 Tested on: iPhone, iPod 3GS with 4.2.1 firmware There is...
Abtp Portal Project 0.1.0 - Local File Inclusion
#!/usr/bin/perl =about Name : Abtp Portal Project The variable $ ABTPVBLOQUECENTRAL was not correctly stated thus enabling the attack include malicious files or read files from the system. If...
CVE-2010-2693
CVE-2010-2693 affects FreeBSD 7.1–8.1-PRERELEASE where the read-only flag is not copied when duplicating an mbuf buffer reference. This can allow a local attacker to cause data corruption via sendfile(2) on the loopback path and potentially escalate privileges by corrupting system files. The issu...