23 matches found
GNU Bash code execution vulnerability in path completion(CVE-2017-5932)
1 Introduction GNU Bash from version 4.4 contains two bugs in its path completion feature leading to a code execution vulnerability. An exploit can be realized by creating a file or directory with a specially crafted name. A user utilizing GNU Bash's built-in path completion by hitting the Tab...
Novell ZENworks 'dirname' Information Disclosure Vulnerability
Novell ZENworks is a suite of software that supports automated IT management and business process management across resources within an organization. An information disclosure vulnerability exists in Novell ZENworks 'dirname'. Due to the program eventory.rtr.actionclasses.wcreports failing to...
Coppermine Photo Gallery 1.4.10 - SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1...