13 matches found
jshERP path traversal vulnerability
jshERP Huaxia ERP is a domestic ERP system developed by Ji Shenghua. Versions of jshERP 3.6 and earlier had a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter configFile in the file/jshERP-boot/plugin/uploadPluginConfigFile, which could lead to pat...
EUVD-2009-0766
Malware in sbrugna...
EUVD-2009-3675
Malware in sbrugna...
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Path traversal
Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 allow remote attackers to include and execute arbitrary local files via a full pathname in the configfile parameter to 1 update08.php or 2 update10.php. NOTE: in some environments, this can be leveraged for remote file inclusion...
CVE-2009-3702
Multiple absolute path traversal vulnerabilities in PHP-Calendar 1.1 allow remote attackers to include and execute arbitrary local files via a full pathname in the configfile parameter to 1 update08.php or 2 update10.php. NOTE: in some environments, this can be leveraged for remote file inclusion...
CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
Directory traversal
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
Directory traversal
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the configfile parameter...
CVE-2009-0765
CVE-2009-0765 affects Kipper 2.01, where index.php is vulnerable to directory traversal: remote attackers can include and execute arbitrary local files via .. in the configfile parameter. The issue enables partial confidentiality, integrity, and availability impact (CVSSv2 base score 7.5; AV:N/AC...
zenTrack index.php configFile Parameter Traversal Arbitrary Files Access
It is possible to make the remote web server show the content of arbitrary files by making requests like : index.php?configFile=../../../../../../../../../../etc/passwd %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Subject: Re: zenTrack Remote Command Execution Vulnerabilities From:...