37 matches found
CVE-2018-12162
Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access...
CVE-2018-12160
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access...
CVE-2017-5414
The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox 52 and Thunderbird 52...
Tenable Nessus Non-Default Directory Installation Privilege Escalation Vulnerability (TNS-2018-01)
Tenable Nessus is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DLL Hijacking Vulnerability and Information Disclosure Vulnerability in CIMCO Software
CIMCO is the world's leader in DNC solutions and is the world's largest installed base of DNC systems, which are mainly used for networking communication of CNC machine tools, machine tool monitoring, etc. CIMCO DNC-Max Server is the DNC server software. Vulnerability one: CIMCO program default...
UBUNTU-CVE-2017-5414
The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox 52 and Thunderbird 52...
QNX 6.2/6.3 - Multiple Local Privilege Escalation and Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16539/info QNX is susceptible to multiple local vulnerabilities. These issues include multiple buffer-overflow vulnerabilities, a format-string vulnerability, an insecure library-path vulnerability, insecure...
PHPSurveyor Shell Upload
-= G4eL =- Exploit Title: PHPSurveyor - Shell Upload Exploit Author: G4eL Date: 26/12/2013 Product: PHPSurveyor Official Site: http://www.limesurvey.org/ Risk Level: High /admin/templates.php - File Upload URL SITE = Default directory of PHPSurveyor Example : http://site.com/survey/ File Uploaded...
CVE-2012-5948
Multiple cross-site scripting XSS vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 WebProcess.srv, 2 the html/en/default/ directory, 3 Widget/resource, 4 birt/frameset, or 5...
Teach you to quickly locate the target website source code-bug warning-the black bar safety net
First look at an example: The target site is a shopping site, wherein a section of the“My selling”point of the path is: mycsproc. asp-- This page name is very characteristic, Oh To www. seeknot. com the search bar in the input mycsproc. asp, select the default directory to find the way, to submit...
Fedora 7 : openldap-2.3.34-6.fc7 (2008-1307)
Tue Feb 5 2008 Jan Safranek 2.3.34-6 - fix CVE-2007-6698 431409 - Mon Jan 14 2008 Jan Safranek 2.3.34-5 - fix default slurpd directory to /var/lib/ldap 424831 - Fri Nov 2 2007 Jan Safranek 2.3.34-4 - fix various security flaws 360081 - Fri Jul 13 2007 Jan Safranek 2.3.34-3 - Fix initscript return...
minb-db.txt
Minb Is Not A Blog default password directory http://sourceforge.net/projects/minb Via looking in a default directory, any user can access the users.db file which contains the username and encrypted password of the person running the board. Try it for your self: www.example.com/minb/db/users.db T...
Alt-N MDaemon本地不安全默认目录权限漏洞
Alt-N MDaemon是一款基于Windows的邮件服务程序。 MDaemon在安装文件时没能设置正确的访问权限,本地攻击者可能利用此漏洞提升权限。 MDaemon默认下以不安全权限安装到了系统根目录的MDaemon文件夹中,允许Users组的成员创建文件和目录。本地攻击者可以通过将恶意的RASAPI32.DLL或MPRAPI.DLL库放置在MDaemon\APP目录中导致以系统权限执行任意代码。 Alt-N MDaemon 9.53 Alt-N MDaemon 9.51 Alt-N MDaemon 9.06 Alt-N MDaemon 9.0.5 临时解决方法:...
[NT] Selenium FTP Server Directory Traversal
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
QNX 6.26.3 - Multiple Privilege Escalation Denial of Service Vulnerabilities
QNX 6.26.3 - Multiple Privilege Escalation Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/16539/info QNX is susceptible to multiple local vulnerabilities. These issues include multiple buffer-overflow vulnerabilities, a format-string vulnerability, an insecure...
QNX 6.2/6.3 - Multiple Privilege Escalation / Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/16539/info QNX is susceptible to multiple local vulnerabilities. These issues include multiple buffer-overflow vulnerabilities, a format-string vulnerability, an insecure library-path vulnerability, insecure default-directory-permission vulnerability, and...
The detection of a account on the default permissions of the directory is writable for the script-vulnerability warning-the black bar safety net
Author: invincible most lonelyE. S. T source: evil octal China in the web after the invasion,often be looking for a writable directory to upload the webshell or other things,this is a critical issue. Most of the administrators to some system directory, do the permissions to change settings,but...