Lucene search
K

3283 matches found

Debian CVE
Debian CVE
added 2008/12/01 5:0 p.m.51 views

CVE-2008-5302

Race condition in the rmtree function in File::Path 1.08 and 2.07 lib/File/Path.pm in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error...

6.9CVSS5AI score0.00332EPSS
Exploits2
FreeBSD
FreeBSD
added 2008/11/28 12:0 a.m.28 views

p5-File-Path -- rmtree allows creation of setuid files

Jan Lieskovsky reports: perl-File-Path rmtree race condition CVE-2005-0448 was assigned to address this This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1. It's also present in File::Path 2.xx, up to and including 2.07 which has only a partial fix...

1.2CVSS6.1AI score0.00387EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2008/11/13 12:0 a.m.32 views

ScriptsFeed (SF) Auto Classifieds Software - Arbitrary File Upload

ScriptsFeed SF Auto Classifieds Software Remote File Upload ---------------------------------------------------------- Discovered By: ZoRLu Date: 13.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : my bug number now: 39 my target...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/10/31 12:0 a.m.21 views

Tribiq CMS 5.0.10a Local File Inclusion Vulnerability (win)

Exploit for unknown platform in category web applications =========================================================== Tribiq CMS 5.0.10a Local File Inclusion Vulnerability win =========================================================== Tribiqcms 5.0.10a beta Local File Inclusion Vulnerability Vul...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/10/29 12:0 a.m.29 views

7Shop 1.1 - Arbitrary File Upload

!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand1000 . ".php"; int.. yes i know PU! print Spoofing + + Discovered && Coded By: t0pP8uZz + + + + Contact IRC: irc.rizon.net sectalk + + Vendor not notified! Later versions maybe vuln! + + + +...

7.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2008/10/14 6:12 p.m.3 views

CVE-2008-4549

The ImageShack Toolbar ActiveX control ImageShackToolbar.dll in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method...

2.6CVSS5.7AI score0.06623EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2008/10/09 12:0 a.m.26 views

scriptsezid-download.txt

ScriptsEz Easy Image Downloader Local File Download Vulnerability url: http://www.scriptsez.net/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.25 views

Gentoo Security Advisory GLSA 200501-38 (Perl)

The remote host is missing updates announced in advisory GLSA 200501-38. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

2.6CVSS6.5AI score0.00412EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.24 views

Gentoo Security Advisory GLSA 200501-38 (Perl)

The remote host is missing updates announced in advisory GLSA 200501-38. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.6AI score0.00412EPSS
Exploits0References4
seebug.org
seebug.org
added 2008/09/12 12:0 a.m.10 views

D-iscussion Board 3.01 (topic) Local File Inclusion Vulnerability

No description provided by source. + D-iscussion Board 3.01 Local File Inclusion + Discovered By SirGod + MorTal TeaM + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,str0ke Download : http://dino.shiftedphase.com/comp/downloads/forum.zip + Local File Inclusion PoC :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/08/19 12:0 a.m.18 views

twiki-disclose.txt

TWiki 4.2.0 File Disclosure Vuln configure "We're brazilian newbies!!! :p" - Th1nk3r Info ---------------------------------------------------------------------------------------------------------------- Classe : Input Validation Error Remote : Yes Local : No Date : 05/08/2008 Credits : Th1nk3r...

7.4AI score
Exploits0
OSV
OSV
added 2008/08/04 7:41 p.m.3 views

DEBIAN-CVE-2008-3457

Cross-site scripting XSS vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify...

2.6CVSS6AI score0.01804EPSS
Exploits2References1
seebug.org
seebug.org
added 2008/06/25 12:0 a.m.39 views

Perl rmtree()函数本地不安全权限漏洞

BUGTRAQ ID: 29902 CVECAN ID: CVE-2008-2827 Perl是一种免费且功能强大的编程语言。 Perl的lib/File/Path.pm文件中的rmtree函数在执行chmod时没有正确地检查权限: my $nperm = $perm & 07777 | 0600; if $nperm != $perm and not chmod $nperm, $root if $ForceWriteable error$arg, "cannot make file writeable", $canon;...

4.6CVSS0.1AI score0.0085EPSS
Exploits2
Packet Storm
Packet Storm
added 2008/06/11 12:0 a.m.25 views

fogforum-lfi.txt

======================================================= FOG Forum 0.8.1 Local File Inclusion Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/03/26 12:0 a.m.43 views

Fedora 8 : krb5-1.6.2-14.fc8 (2008-2647)

This update incorporates fixes included in MITKRB5-SA-2008-001 use of uninitialized pointer / double-free in the KDC when v4 compatibility is enabled and MITKRB5-SA-2008-002 incorrect handling of high-numbered descriptors in the RPC library. This update also incorporates less-critical fixes for a...

10CVSS8AI score0.10141EPSS
Exploits2References11
seebug.org
seebug.org
added 2008/02/25 12:0 a.m.20 views

Portail Web Php <= 2.5.1.1 Multiple Inclusion Vulnerabilities

No description provided by source. Portail Web Php = 2.5.1.1 Multiple Remote/Local File Inclusion Vulnerabilities http://surfnet.dl.sourceforge.net/sourceforge/portail-web-php/PwP2.5.1.1.rar POC : I- Remote File Inclusion /PwP2.5.1.1/template/Vert/index.php?sitepath=http://localhost/020.txt...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/23 12:0 a.m.22 views

SLAED CMS 2.5 Lite (newlang) Local File Inclusion Vulnerability

No description provided by source. SLAED CMS 2.5 Lite Local file inclusion Script url http://www.slaed.net/uploads/files/public/SLAEDCMS2.5Lite.zip Lets code in function/sources.php: 780: // Format language 781: function getlang$module="" 782: global $multilingual, $currentlang, $language,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/09 12:0 a.m.34 views

Xoops XoopsGallery Module 'init_basic.php'远程文件包含漏洞

BUGTRAQ ID: 27155 CNCAN ID:CNCAN-2008010814 Xoops XoopsGallery Module是一款基于PHP的WEB应用程序。 Xoops XoopsGallery Module不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'initbasic.php'脚本对用户提交的'GALLERYBASEDIR'参数缺少过滤,提交远程服务器上的任意文件作为包含对象,可导致以WEB权限执行任意PHP代码。 Xoops XoopsGallery Module 1.3.3 9 ------------...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2007/11/30 12:0 a.m.15 views

LearnLoop 2.0beta7 (sFilePath) Remote File Disclosure Vulnerability

No description provided by source. LearnLoop 2.0beta7 sFilePath Remote File Disclosure Vulnerability http://surfnet.dl.sourceforge.net/sourceforge/learnloop/learnloop2.0beta7.tar.gz...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.25 views

Ubuntu 6.06 LTS / 6.10 / 7.04 : tar vulnerability (USN-506-1)

Dmitry V. Levin discovered that tar did not correctly detect the '..' file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges. Note that Tenable Network Security...

6.8CVSS7.2AI score0.02743EPSS
Exploits1References2
Rows per page
Query Builder