CVE-2012-3500

scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary 1 standard output or 2 standard error output file...

Apache Tomcat: Multiple vulnerabilities

Background Apache Tomcat is a Servlet-3.0/JSP-2.2 Container. Description Multiple vulnerabilities have been discovered in Apache Tomcat. Please review the CVE identifiers referenced below for details. Impact The vulnerabilities allow an attacker to cause a Denial of Service, to hijack a session, ...

CGI Generic Path Traversal (write test)

The remote web server hosts CGI scripts that fail to adequately sanitize request strings and are affected by directory traversal or local file inclusion vulnerabilities. By leveraging this issue, an attacker may be able to modify arbitrary files on the web server or execute commands. Due to the w...

CVE-2008-2942

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

Cross site scripting

Adobe Integrated Runtime AIR, aka Apollo allows context-dependent attackers to modify arbitrary files within an executing .air file compiled AIR application and perform cross-site scripting XSS attacks, as demonstrated by an application that modifies an HTML file inside itself via JavaScript that...

CVE-2006-6814

Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ dot dot backslash sequences in the BrowsePath parameter...