Trend Micro Mobile Security for Enterprises widgetforsecurity set_certificates_config Unrestricted File Upload Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

Arbitrary File Write

nilsteampassnet/teampass is vulnerable to External Control Of File Name. The vulnerability is due to a lack of santization in the path element, which allows an attacker to write arbitrary files outside the expected directory...

CVE-2014-3981

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file...

CVE-2013-4702

Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SCApiOperation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbitrary files via vectors involving a 1 Operation, 2 Service, 3 Style, 4 Validate, or 5 Version value...

CVE-2004-2256

Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. sequences in the lang language variable...