25 matches found
Authentication flaw
The Sheepdog backend in OpenStack Image Registry and Delivery Service Glance 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location...
ThinkSAAS 某处平衡权限
简要描述: ThinkSAAS 某处平衡权限 详细说明: ThinkSAAS 某处平衡权限,可修改任意用户任意图片信息,图片名称,图片描述介绍等。 app/photo/action/edit.php文件: case "do": if$POST'token' != $SESSION'token' tsNotice'非法操作!'; $photoid = intval$POST'photoid'; $photoname = tsClean$POST'photoname'; $photodesc = tsClean$POST'photodesc';...
USN-2013-1: MAAS vulnerabilities
It was discovered that maas-import-pxe-files incorrectly loaded configuration information from the current working directory. A local attacker could execute code as an administrator if maas-import-pxe-files were run from an attacker-controlled directory. CVE-2013-1057 It was discovered that...
Ubuntu 12.04 LTS / 12.10 / 13.04 : maas vulnerabilities (USN-2013-1)
It was discovered that maas-import-pxe-files incorrectly loaded configuration information from the current working directory. A local attacker could execute code as an administrator if maas-import-pxe-files were run from an attacker-controlled directory. CVE-2013-1057 It was discovered that...
2 0 0 7 the latest IE 0day net horse picture that-the vulnerability warning-the black bar safety net
Ghost boy Note: This something has recently fried very hot, the css calls the two pictures, but it is unclear principle. Reportedly originally sold to 8W, but now it seems like everywhere got. Just in xiaoguang there to see, turn around, and his this added a simple encryption. Source: XG'Blog How...