Mulesoft ESB Runtime 3.5.1 - Privilege Escalation Vulnerability

No description provided by source. Mulesoft ESB Runtime 3.5.1 Authenticated Privilege Escalation → Remote Code Execution Mulesoft ESB Runtime 3.5.1 allows any arbitrary authenticated user to create an administrator user due to a lack of permissions check in the handler/securityService.rpc endpoin...

WebKit memory corruption exploit bloopers-vulnerability warning-the black bar safety net

WebKit is currently the most widely used Web rendering engine, whether it is a mainstream browser, Safari, Chrome, etc., the system built-in apps Mail, Dashboard, etc., the mobile end of the various third-party applications, paid, chat, social applications, etc. basically all with the WebKit...

CVE-2014-6287

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aks HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action...

openSUSE: Security Advisory for bash (openSUSE-SU-2014:1226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ActualAnalyzer Lite 2.81 /aa.php 命令执行漏洞

No description provided by source...

Oracle Java System.arraycopy Race Condition (CVE-2014-0456)

A code execution vulnerability has been reported in Oracle Java. The vulnerability is due to a race condition in System.arraycopy. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to visit a webpage containing a maliciously crafted Java applet...

HP-UX LPD 命令执行漏洞

No description provided by source...

HybridAuth 2.2.2 /hybridauth/config.php 命令执行漏洞

No description provided by source...

Microsoft IIS4/5 CGI 命令执行漏洞

No description provided by source...

Destoon最新 V5.0-UTF8 正式版命令执行漏洞（后台）

简要描述： RT 详细说明： 后台一处命令执行漏洞，可添加系统账户。 漏洞位于admin/tag.inc.php case 'preview': $db-halt = 0; $destoontask = ''; if$tagcss $tagcss = stripslashes$tagcss; if$taghtmls $taghtmls = stripslashes$taghtmls; if$taghtmle $taghtmle = stripslashes$taghtmle; if$tagcode $tagcode = stripslashes$tagcode; if$tagjs...

PHP Arena paFileDB 1.1.3/2.1.1/3.0/3.1 - Arbitrary File Upload And Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8271/info It has been reported that a script contained in paFileDB does not properly verify user credentials before accepting files for upload. As a result, remote attackers may be able to upload files to the Web server...

Spreecommerce < 0.50.0 Arbitrary Command Execution

No description provided by source. $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Mozilla Suite And Firefox DOM Property Overrides Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13645/info Mozilla Suite and Mozilla Firefox are affected by a code-execution vulnerability. This issue is due to a failure in the application to properly verify Document Object Model DOM property values. An attacker may...

python-wrapper Untrusted Search Path/Code Execution Vulnerability

No description provided by source. python-wrapper untrusted search path/code execution vulnerability Python-wrapper executes any test.py script within the current working directory, when supplied with help'modules'. A non-priviledged user may gain code execution by tricking root to help'modules' ...

Campsite 2.6.1 ArticleIndex.php g_documentRoot Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...

Unrar 3.9.3 - Local Stack Overflow Exploit

No description provided by source. !/usr/bin/perl =head1 TITLE Winrar = v3.93 Local Stack-based Overflow exploit =head2 DESCRIPTION This script triggers a buffer overflow attack against Unrar, the linux popular version of WinRar extractor. It was not developped to bypass non-executing stack...

Xcms 1.1/1.7 Password Parameter Arbitrary PHP Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25771/info Xcms is prone to a vulnerability that lets attackers execute arbitrary PHP code because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary...

Active Classifieds 1.0 Arbitrary Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2942/info Active Classifieds is a CGI package that provides an online classified advertisement listing and management system. An origin validation error exists in the Free Edition of Active Classifieds that may allow remo...

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

No description provided by source. Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID:...

Mozilla Firefox Interleaving document.write and appendChild Exploit

No description provided by source. $Id: mozillainterleavedwrite.rb 11796 2011-02-22 20:49:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...