CVE-2006-0255

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the SrGUI.exe program...

Directory traversal

Directory traversal vulnerability in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote authenticated users to rename the folders of other users via a .. dot dot in the RENAME command...

CVE-2006-0127

Rockliffe MailSite IMAP (pre-6.1.22.1) suffers a directory-traversal in the RENAME command that enables remote authenticated users to rename other users’ folders. Affects the IMAP service; impact includes partial integrity (I: Partial, A: None, C: None) with no confidentiality/availability impact...

The reproduction of the former vulnerability--Qin bamboo musical program the negligent-vulnerability warning-the black bar safety net

A few days ago, downloaded a set of“Qin bamboo music network v3. 0 static generation”version, when tested, turned out to see former sun-the power upload vulnerability. Once Upon a time, the power upload vulnerability put in front of me, but even missed. Today, the former vulnerability in the Qin...

CVE-2005-4681

Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerabilit...

CVE-2005-4854

eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders...

PT-2005-5346 · Mirc · Mirc

Name of the Vulnerable Software and Affected Versions: mIRC versions 5.91 through 6.16 Description: A buffer overflow issue allows local users to potentially execute arbitrary code by entering a long string after reaching the DCC Get Folder Dialog. The vendor has disputed this issue, suggesting i...

With adsutil. vbs+..\+cmd. ASP to create the perfect Backdoor-vulnerability warning-the black bar safety net

We have to do a good back door, while depressed, of those who ready-made backdoors in software are difficult to escape the antivirus software's hunted down, and write yourself back door of our small bugs are also seem to be not realistic. Below I will teach you a method that lets you build a...

CVE-2004-2584

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte "%00". NOTE: it is not clear whether this issue poses a vulnerability...

CVE-2004-2584

CVE-2004-2584 affects SmarterTools SmarterMail 1.6.1511 and 1.6.1529. The description specifies that frmAddfolder.aspx allows remote authenticated users to create a folder that SmarterMail cannot delete or rename when the folder name contains a null byte ("%00"). The underlying cause is a folder ...

CVE-2005-2939

VMware Workstation 5.0.0 build-13124 is affected by an unquoted Windows search path vulnerability that could let a local user gain privileges by placing a malicious C:\program.exe. Root cause: unquoted path in Windows search. Impact: local privilege escalation (consistency with CVSS 2.0 metrics)....

CVE-2005-2940

Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 Beta 1 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs 1 GIANTAntiSpywareMain.exe, 2 gcASNotice.exe, 3 gcasServ.exe, 4 gcasSWUpdater.exe, or 5...

CVE-2005-3647

Folder Guard allows local users to bypass protections by running from or installing to the temporary files directory...

CVE-2005-3647

The CVE-2005-3647 issue is described as a local privilege-bypass in Folder Guard. Local users can bypass protections by running from or installing to the temporary files directory. Underlying cause: the temporary files path enables bypass of protections. Impact (per CVSS): partial confidentiality...

CVE-2005-3647

Folder Guard allows local users to bypass protections by running from or installing to the temporary files directory...

DEBIAN-CVE-2005-3559

Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. dot dot in the folder parameter...

Without the password you can also enter the shared folder-vulnerability warning-the black bar safety net

| ! --- Figure 1 ! --- If your colleaguesor leadership, huh? not too good at write down the long password that you do on your machine is he specifically assigned a no-password user, so the user just enter the username you can access you assign him resources? First right-click“My Computer”, then...

IIS 5.0 Sample App reveals physical path of web root

A sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use this information to make more focused attacks. OpenVAS Vulnerability Test $Id: iis5samplepath.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: IIS 5.0 Sample App reveals physical path of...

Vulnerability in MG2 php based Image Gallery - bypass security, view password protected images

The MG2 Image Gallery system has the ability to make create online galleries. Even password protected once. By manipulating url from a gallery, you are able to list out all pictures in every gallery. Even though they are inside a password protected folder. Sample manipulation could be:...

phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl r57phpbbadmin2exec.pl phpBB adminstyles.php commands execution exploit tested on phpBB 2.0.13 by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru screen r57phpbbadmin2exec.pl -p http://blah.com/phpBB/admin/ -s 0864cb0abb396319c589ebc2a98c2c5d -c...