5 matches found
CVE-2023-20115
A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This vulnerability is d...
qt: files placed by attacker can influence the working directory and lead to malicious code execution
Out of bounds write in IntelR PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access...
WebCalendar -- remote file inclusion vulnerability
WebCalendar is proven vulnerable to a remote file inclusion vulnerability. The sendreminders.php does not properly verify the "includedir" parameter, giving remote attackers the possibility to include local and remote files. These files can be used by the attacker to gain access to the system...
CVE-2005-2255
Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to 1 index.php or 2 admin/index.php...
CVE-2002-1187
Cross-site scripting vulnerability XSS in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the or element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource...