
465 matches found

seebug.org
added 2016/03/17 12:0 a.m., 40 views

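Baosight site-building system /EC/DM/ECDM0104.jsp filePath parameter file download vulnerability

0x01 Vulnerability framework. Vendor: Shanghai Baosight Software Co., Ltd. Submitted: 2015-04-26. Disclosed: 2015-07-27. Vulnerability type: arbitrary file traversal/download. Shanghai Baosight Software Co., Ltd. ("Baosight Software") is a software company controlled by Baosteel Co., Ltd.; it was listed in April 2001 and is headquartered in the Zhangjiang Hi-Tech Park, Pudong, Shanghai. ...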

7.1 AI score
Exploits: 0
RedHat Linux
added 2016/03/15 8:55 p.m., 3 views

php: buffer overflow and stack smashing error in phar_fix_filepath

A flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened...

7.5 CVSS, 7.5 AI score, 0.06413 EPSS
Exploits: 1, References: 4
seebug.org
added 2016/02/19 12:0 a.m., 22 views

Kingdee OA system /oa/admin/application/file_download.jsp filePath parameter arbitrary file download vulnerability

No description provided by source...

7.1 AI score
Exploits: 0
BDU FSTEC
added 2016/02/12 12:0 a.m., 3 views

The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.

The vulnerability in the phar_fix_filepath function in ext/phar/phar.c of the PHP interpreter is caused by a stack buffer overflow. Exploiting this vulnerability may allow an attacker to cause service failures or potentially have other effects by using a value with a very long length that is not...

7.5 CVSS, 7.9 AI score, 0.06413 EPSS
Exploits: 1, References: 5, Affected Software: 1
CNVD
added 2015/08/20 12:0 a.m., 2 views

Beijing Jinhe C6 Collaborative Management Platform Arbitrary File Download Vulnerability

Jinhe OA is developed with ASP.NET and SQL Server and is used by many users. Because the FilePath parameter of the OA system's /JHSoft.Web.CustomQuery/FileDownLoad.aspx page did not do ... /filter, any file in any directory can be downloaded, resulting in an arbitrary file download vulnerability...

7 AI score
Exploits: 0
CNVD
added 2015/07/24 12:0 a.m., 0 views

PHP 'phar_fix_filepath()' function stack buffer overflow vulnerability

PHP is an open source general-purpose computer scripting language. A stack-based buffer overflow vulnerability exists in the PHP 'phar_fix_filepath' function, which allows remote attackers to exploit the vulnerability by submitting a special request to crash the application or execute arbitrary cod...

7.5 CVSS, 9 AI score, 0.06413 EPSS
Exploits: 1, References: 1
OSV
added 2015/07/20 12:0 a.m., 2 views

UBUNTU-CVE-2015-5590

Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling...

7.3 CVSS, 7.5 AI score, 0.06413 EPSS
Exploits: 1, References: 4
NVD
added 2015/02/24 5:59 p.m., 11 views

CVE-2015-2071

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filepath parameter...

4 CVSS, 6.2 AI score, 0.14946 EPSS
Exploits: 1, References: 5
CNVD
added 2014/12/04 12:0 a.m., 1 views

YYMusicCMS File Upload Vulnerability

YYMusicCMS is a program that provides online music, with an attractive interface, developed using ASP + ACCESS. YYMusicCMS has a file upload vulnerability: the FilePath form parameter is not filtered, which makes it possible to upload asp type files. ...

7.2 AI score
Exploits: 0
NVD
added 2014/11/17 4:59 p.m., 14 views

CVE-2014-8953

Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators for requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a reques...

6.8 CVSS, 7.5 AI score, 0.002 EPSS
Exploits: 1, References: 3
0day.today
added 2014/11/15 12:0 a.m., 281 views

OSSEC 2.8 - Insecure Temporary File Creation Vulnerability Privilege Escalation Exploit

Exploit for linux platform in category local exploits !/usr/bin/python Exploit Title: ossec 2.8 Insecure Temporary File Creation Vulnerability Privilege Escalation Date: 14-11-14 Exploit Author: skynet-13 Vendor Homepage: www.ossec.net/ Software Link:...

7.2 CVSS, 6.3 AI score, 0.09659 EPSS
Exploits: 3
exploitpack
added 2014/11/14 12:0 a.m., 36 views

OSSEC 2.8 - hosts.deny Local Privilege Escalation

OSSEC 2.8 - hosts.deny Local Privilege Escalation !/usr/bin/python Exploit Title: ossec 2.8 Insecure Temporary File Creation Vulnerability Privilege Escalation Date: 14-11-14 Exploit Author: skynet-13 Vendor Homepage: www.ossec.net/ Software Link:...

0.5 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 41 views

Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: Wordpress User Meta Version 1.1.1 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/user-meta/framework/helper/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://user-meta.com/ Software Link:...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 12 views

NoAh <= 0.9 pre 1.2 (filepath) Remote File Disclosure Vulnerabilities

No description provided by source. NoAh = 0.9 pre 1.2 filepath Remote File Disclosure Vulnerabilities Script : http://sourceforge.net/project/showfiles.php?groupid=131995 /noah0.9pre1.2.tar.gz/ Exploits : /noah/modules/nosystem/templates/cssfile.php?filepath=../../../../../../etc/passwd...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 47 views

open auto classifieds <= 1.5.9 - Multiple Vulnerabilities

No description provided by source. MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title: Multiple security...

7.1 AI score
Exploits: 0
Metasploit
added 2013/11/17 8:44 p.m., 35 views

Gzip Memory Bomb Denial Of Service

This module generates and hosts a 10MB single-round gzip file that decompresses to 10GB. Many applications will not implement a length limit check and will eat up all memory and eventually die. This can also be used to kill systems that download/parse content from a user-provided URL...

7.2 AI score
Exploits: 0
UbuntuCve
added 2013/08/21 12:17 p.m., 24 views

CVE-2013-2900

The FilePath::ReferencesParent function in files/filepath.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted...

7.5 CVSS, 5.9 AI score, 0.00371 EPSS
Exploits: 0, References: 4
myhack58
added 2012/12/10 12:0 a.m., 13 views

Commonly used background Uploader to get shell-vulnerability warning-the black bar safety net

Sometimes into the background, take the shell also may be your fetters. With the editor, then specifically say, in case the editor is the Lite or is the vulnerability patching of the FCK, only the use of some small to upload, don't underestimate these upload points.! \ Can use the NC to submit, i...

0.7 AI score
Exploits: 0
myhack58
added 2011/10/26 12:0 a.m., 28 views

Upload vulnerability filepath variable\0 0 truncation-vulnerabilities and early warning-the black bar safety net

POST /coin/upload. asp? action=upfile HTTP/1.1 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd. ms-excel, application/vnd. ms-powerpoint, application/msword, / Referer: Recently phpwind contains a vulnerability that Diamondback always...

0.1 AI score
Exploits: 0
seebug.org
added 2011/08/26 12:0 a.m., 23 views

WordPress Yoast v4.1.3 Local File Disclosure Vulnerability

No description provided by source. !/bin/python print "" print " Exploit Title:WordPress Yoast v4.1.3 Local File Disclosure Vulnerability" print " Author:Angel Injection " print " Home Page: http://dev-point.com http://sec-krb.org " print " Exploit find By H7acker110 " print " python exploit find...

7.1 AI score
Exploits: 0