4 matches found
PYSEC-2020-200
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file...
Directory traversal
Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows remote attackers to read arbitrary files via a .. dot dot in the src parameter...
CVE-2007-1509
Directory traversal vulnerability in enkrypt.php in Sascha Schroeder krypt aka Holtstraeter Rot 13 allows remote attackers to read arbitrary files via a .. dot dot in the datei parameter...
CVE-2005-1480
Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbitrary files via a "..\" dot dot backslash in the urlget site command...