EUVD-2022-4250

Malicious code in bioql PyPI...

RHEL 6 : rubygem-kafo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-kafo: temporary file creation vulnerability when creating /tmp/defaultvalues.yaml CVE-2014-0135 Note that...

Kafo allows local users to obtain passwords and other sensitive information by reading default_values.yaml

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

GHSA-HXVP-655X-XXQV Kafo allows local users to obtain passwords and other sensitive information by reading default_values.yaml

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) RFI Vulnerability

No description provided by source. Name : PhpMyDesktop|arcade 1.0 Final phpdnsbasedir Remote File Include Download From : http://mesh.dl.sourceforge.net/sourceforge/pmd-arcade/pmdarcade10final.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Powered by phpMyDesktop|arcade v1.0...

CVE-2014-0135

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

Design/Logic Flaw

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

CVE-2014-0135

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

CVE-2014-0135

CVE-2014-0135 affects Kafo before 0.3.17 and 0.4.x before 0.5.2 (as used by Foreman). The issue is that default_values.yaml is world-readable, allowing local users to read passwords and other sensitive information. Remediation is to upgrade Kafo to 0.3.17+ or 0.4.x to 0.5.2+ (where fixed). If not...

CVE-2014-0135 rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...

PhpMyDesktopArcade 1.0 Final - phpdns_basedir Remote File Inclusion

PhpMyDesktopArcade 1.0 Final - phpdnsbasedir Remote File Inclusion Name : PhpMyDesktop|arcade 1.0 Final phpdnsbasedir Remote File Include Download From : http://mesh.dl.sourceforge.net/sourceforge/pmd-arcade/pmdarcade10final.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Powere...

Dokeos 1.8.4 - Arbitrary File Upload

Dokeos 1.8.4 - Arbitrary File Upload Name : dokeos-1.8.4 Bypass Upload Shell From Your Profile Your Cpanel Download From : http://www.dokeos.com/download/dokeos-1.8.4.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Platform Dokeos 1.8.4 © 2007...

CityWriter 0.9.7 head.php Remote File Inclusion Vulnerability

No description provided by source. Name : CityWriter 0.9.7 Remote File Include Download From : http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ============================================================================ Vulne...

citywriter-rfi.txt

Name : CityWriter 0.9.7 Remote File Include Download From : http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ============================================================================ Vulne Code In File head.php In Line 1:...

Fastpublish CMS 1.9999 config[fsBase] RFI Vulnerability

No description provided by source. Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...

CityWriter 0.9.7 - head.php Remote File Inclusion

CityWriter 0.9.7 - head.php Remote File Inclusion Name : CityWriter 0.9.7 Remote File Include Download From : http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...

fastpub-rfi.txt

Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ===========================================================================...

Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion

Fastpublish CMS 1.9999 - configfsBase Remote File Inclusion Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...

viart-rfi.txt

Name : ViArt CMS 3.3.2 Remote File Include Download From : http://www.viart.com/downloads/viartcms-3.3.2.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ============================================================================ Vulne Code : Line 4 : includeonce$rootfolderpath...