397 matches found

Positive Technologies
added 2015/06/09 12:0 a.m. · 2 views

PT-2020-7832 · Abrt +2

Name of the Vulnerable Software and Affected Versions: ABRT (affected versions not specified). Description: A directory traversal issue in abrt-dbus within the Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files. This can be achieved via...

7.8 CVSS · 5.9 AI score · 0.04815 EPSS
Exploits 4 · References 31
NVD
added 2015/06/08 2:59 p.m. · 19 views

CVE-2015-2993

SysAid Help Desk before 15.2 does not properly restrict access to certain functionality, which allows remote attackers to (1) create administrator accounts via a crafted request to /createnewaccount or (2) write to arbitrary files via the fileName parameter to /userentry...

7.5 CVSS · 6.6 AI score · 0.55362 EPSS
Exploits 7 · References 5
CNVD
added 2015/02/28 12:0 a.m. · 1 views

KIE Workbench Arbitrary File Execution Vulnerability

KIE Workbench is a complete Java-based open source BPM (business process management) release that includes all the BPM and rules modules. An arbitrary file execution vulnerability exists in KIE Workbench 6.0.x that could allow an authenticated remote user to read or write...

6.5 CVSS · 7 AI score · 0.01905 EPSS
Exploits 0 · References 1
OSV
added 2015/01/28 12:0 a.m. · 0 views

UBUNTU-CVE-2015-1395

Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name...

7.5 CVSS · 7.3 AI score · 0.11199 EPSS
Exploits 0 · References 3
FreeBSD
added 2015/01/05 12:0 a.m. · 24 views

p7zip -- directory traversal vulnerability

Alexander Cherepanov reports: 7z and 7zr are susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current directo...

5.8 CVSS · 6.3 AI score · 0.03291 EPSS
Exploits 1 · References 3
Prion
added 2015/01/01 2:59 a.m. · 17 views

Design/Logic Flaw

The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100EDA1811C.ocx in IDrive Online Backup 3.4.0 allows remote attackers to write to arbitrary files via a pathname in the first argument...

6.4 CVSS · 7.3 AI score · 0.01229 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2014/09/02 2:0 p.m. · 24 views

CVE-2014-5339

CheckMK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allows remote authenticated users to write checkmk config files (.mk files) to arbitrary locations via vectors related to row selections...

6.2 AI score · 0.01785 EPSS
Exploits 0 · References 4
seebug.org
added 2014/07/01 12:0 a.m. · 26 views

PHP 4.x tempnam() Function open_basedir Restriction Bypass

No description provided by source. source: http://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safe_mode' and 'open_basedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations...

7.1 AI score
Exploits 0
Packet Storm
added 2010/10/14 12:0 a.m. · 21 views

FreshFTP 5.36 Directory Traversal

Vulnerability ID: HTB22628 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinfreshftp.html Product: FreshFTP Vendor: FreshWebMaster http://www.freshwebmaster.com Vulnerable Version: 5.36 and Probably Prior Versions Vendor Notification: 27 September 2010 Vulnerability Typ...

0.9 AI score
Exploits 0
securityvulns
added 2010/10/11 12:0 a.m. · 27 views

Directory Traversal Vulnerability in FilterFTP

Vulnerability ID: HTB22626 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinfilterftp.html Product: FilterFTP Vendor: IN MEDIA KG http://www.in-mediakg.com/software/filterftp/filterftp.shtml Vulnerable Version: 2.0.3 and Probably Prior Versions Vendor Notification: 22...

0.8 AI score
Exploits 0
securityvulns
added 2010/08/08 12:0 a.m. · 26 views

Directory Traversal in FTP Explorer

Vulnerability ID: HTB22524 Reference: http://www.htbridge.ch/advisory/directorytraversalinftpexplorer.html Product: FTP Explorer Vendor: FTPx Corp http://www.ftpx.com/ Vulnerable Version: 10.5.19.1 for Windows and Probably Prior Versions Vendor Notification: 22 July 2010 Vulnerability Type:...

1.7 AI score
Exploits 0
OSV
added 2009/11/29 1:7 p.m. · 3 views

UBUNTU-CVE-2009-4111

Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerability than CVE-2009-402...

6.8 CVSS · 6 AI score · 0.01637 EPSS
Exploits 2 · References 2
OpenVAS
added 2009/04/09 12:0 a.m. · 29 views

Mandriva Update for lha MDKSA-2007:117 (lha)

Check for the Version of lha OpenVAS Vulnerability Test Mandriva Update for lha MDKSA-2007:117 lha Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

4.9 CVSS · 6.6 AI score · 0.00355 EPSS
Exploits 0 · References 2
Prion
added 2007/05/02 9:19 p.m. · 24 views

Command injection

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines...

7.6 CVSS · 7.1 AI score · 0.03221 EPSS
Exploits 1 · References 30 · Affected Software 1
OSV
added 2007/05/02 9:19 p.m. · 7 views

CVE-2007-2438

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines...

6.9 AI score
Exploits 0 · References 30
Debian CVE
added 2007/05/02 9:0 p.m. · 30 views

CVE-2007-2438

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines...

7.6 CVSS · 6.3 AI score · 0.03221 EPSS
Exploits 1
RedHat Linux
added 2005/02/15 10:12 a.m. · 7 views

security flaw

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary file...

5 CVSS · 6 AI score · 0.0413 EPSS
Exploits 0 · References 4