23 matches found
SUSE CVE-2007-5238
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.215 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information the Java Web...
SUSE CVE-2008-3114
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
VulnCheck KEV: CVE-2021-24209
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not...
WordPress 插件 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
Input validation
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
CVE-2021-24209
CVE-2021-24209 affects the WP Super Cache WordPress plugin prior to 1.7.2. It enables an authenticated (admin+) RCE via the Settings → Cache Location option due to input validation failure and a weak $cache_path check, with direct access to wp-cache-config.php permitting web shell injection. Rela...
CVE-2021-24209 WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so...
PT-2021-15754 · WordPress · Wp Super Cache
Name of the Vulnerable Software and Affected Versions: WP Super Cache versions prior to 1.7.2 Description: The issue is related to an authenticated remote code execution RCE in the settings page of the WP Super Cache WordPress plugin. This is due to a failure in input validation and a weak check ...
UBUNTU-CVE-2017-0367
Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure...
Gitlist 0.4.0 - Remote Code Execution
Gitlist 0.4.0 - Remote Code Execution from commands import getoutput import urllib import sys """ Exploit Title: Gitlist 2: path = sys.argv2 print '! Using cache location %s' % path payload payload = "PD9zeXN0ZW0oJF9HRVRbJ2NtZCddKTs/Pgo=" sploit; python requests does not like this URL, hence wget...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Java Web Start, untrusted application may determine Cache Location (6704074)
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
CVE-2008-3114
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to obtain sensitive information the cache location via an untrusted application, aka CR 6704074...
Vulnerabilities in Java Web Start allow to determine the location of the Java Web Start cache
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.215 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information the Java Web...
Vulnerabilities in Java Web Start allow to determine the location of the Java Web Start cache
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.215 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information the Java Web...