SUSE CVE-2002-0389

Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives...

SUSE CVE-2019-9896

In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable...

CVE-2020-25184

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could...

Rockwell Automation ISaGRAF 安全漏洞

Rockwell Automation ISaGRAF is an automation software technology for creating integrated automation solutions from Rockwell Automation. It is designed to be scalable and portable and is suitable for developing small controllers and large distributed automation systems. A security vulnerability...

PT-2021-7837 · Rockwell Automation · Isagraf Runtime

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ISaGRAF Runtime versions 4.x through 5.x Description: The issue concerns the storage of passwords in plaintext within a file located in the same directory as the executable file. This file is read by ISaGRAF Runtime, and t...

File Upload Vulnerability in Smart-MDS Multimedia Command and Dispatch System of Yixin Technology

The Smart-MDS multimedia command and dispatch system has a powerful convergence access function, providing a unified scheduling management platform with multi-service convergence, access to mainstream audio and video communication systems and other functions. There is a file upload vulnerability ...

CVE-2019-9896

In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable...

Windows/x86 - Executable Directory Search Shellcode (130 bytes)

Title: Windows x86 - Executable directory search Shellcode 130 bytes Date: 26-02-2017 Author: Krzysztof Przybylski Platform: Winx86 Tested on: WinXP SP1 Shellcode Size: 130 bytes / Description: write & exec dir searcher starts from C:\ If dir found then write, execute ping 127.1.1.1 and exit If...

Windows x86 - Executable Directory Search Shellcode (130 bytes)

Windows x86 - Executable Directory Search Shellcode 130 bytes. Shellcode exploit for Winx86 platform Title: Windows x86 - Executable directory search Shellcode 130 bytes Date: 26-02-2017 Author: Krzysztof Przybylski Platform: Winx86 Tested on: WinXP SP1 Shellcode Size: 130 bytes / Description:...

The star outside the mention of the right new ideas&the star outside security Bulletin(mention the right vulnerability)-vulnerability warning-the black bar safety net

Statement, This is not what a star outside 0DAY, which at Best, only one in could not find a writable executable directory of a mention of the right ideas. I dare not say that I first found, there may be other people also found, and also in the use. In fact, numerous examples demonstrate that the...

IIS vulnerability application-vulnerability warning-the black bar safety net

by yuange The newly discovered IIS a bunch of vulnerabilities, and talk about the application. Need a virtual executable Directory,WINDOWS common /scripts,/cgi-bin,/vtibin, General/vtibin directory is mapped to the“program files”directory, usually in the system tray above, and the SCRIPTS sometim...

Webshell under to crack computer administrator password-vulnerability warning-the black bar safety net

Information source: evil octal information security team www.eviloctal.com） This idea derived from previous studies runas command when inspired. Method of use: 1, The your password dictionary was renamed into the psw. txt, upload to the target server is an executable, writable directory. It is...

aspads.txt

We've had a number of questions and possible solutions suggested in the past few hours, let me try and summarize. 1. Several people noted that enabling extensions with "::$DATA" added, i.e. ".asp::$DATA", would cause them to be executed instead of read. This does work, and is faster than removing...