CVE-2008-2519

Directory traversal vulnerability in Core FTP client 2.1 Build 1565 allows remote FTP servers to create or overwrite arbitrary files via .. dot dot sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup...

Heap overflow

Heap-based buffer overflow in the VMware Host Guest File System HGFS in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to...

CVE-2008-2511

Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 aka UmxEventCliLib ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. dot dot in the argument to the SaveToFile method. NOTE: this...

CVE-2008-2098

Heap-based buffer overflow in the VMware Host Guest File System HGFS in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to...

Directory traversal

Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ dot dot backslash sequences in responses to 1 MLSD and 2 LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged f...

Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit

No description provided by source. ======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 = add admin" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: ArxWolf Discovered On: 16 05 2008 WWW: http://WebXakep.net ICQ...

Zomplog 3.8.2 - newuser.php Arbitrary Add Admin

Zomplog 3.8.2 - newuser.php Arbitrary Add Admin ======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 Добавляем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" Повторяем пароль...

Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin

======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 Добавляем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" Повторяем пароль "Confirm password"...

Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit

Exploit for unknown platform in category web applications ========================================================== Zomplog Добавляем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" Повторяем пароль "Confirm...

Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability

No description provided by source. Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Mega File Hosting Script 1.2 fid Remote SQL Injection Vulnerability ===================================================================== Script: Mega File Hosting scrip...

Mega File Hosting Script 1.2 - &#039;fid&#039; SQL Injection

Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

megafile-sql.txt

Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

Directory traversal

Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a .. dot dot in the SkinPath parameter and a .zip URL in the HttpSkin parameter. NOTE: this...

CVE-2008-1634

Cross-site scripting XSS vulnerability in index.php in JV2 Folder Gallery 3.1 allows remote attackers to inject arbitrary web script or HTML via the image parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-1634

CVE-2008-1634 concerns a Cross-site Scripting (XSS) vulnerability in the JV2 Folder Gallery 3.1 package, specifically in the index.php file. The flaw allows remote attackers to inject arbitrary web script or HTML through the image parameter. This is the extent of information provided: the vulnera...

CVE-2008-1291

ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder...

CVE-2008-1291

ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read files and list folders under the hidden CVSROOT folder...

CVE-2008-1291

Removed by vendor...

CVE-2008-1330

The CVE-2008-1330 issue affects Novell GroupWise for Windows (Windows client API) on GroupWise 7 (before SP3) and GroupWise 6.5 (before SP6 Update 3). The described fault occurs when handling shared folders, allowing remote authenticated users to access non-shared e-mail messages in a mailbox of ...