20 matches found
EUVD-2022-4250
Malicious code in bioql PyPI...
RHEL 6 : rubygem-kafo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-kafo: temporary file creation vulnerability when creating /tmp/defaultvalues.yaml CVE-2014-0135 Note that...
GHSA-HXVP-655X-XXQV Kafo allows local users to obtain passwords and other sensitive information by reading default_values.yaml
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
Kafo allows local users to obtain passwords and other sensitive information by reading default_values.yaml
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) RFI Vulnerability
No description provided by source. Name : PhpMyDesktop|arcade 1.0 Final phpdnsbasedir Remote File Include Download From : http://mesh.dl.sourceforge.net/sourceforge/pmd-arcade/pmdarcade10final.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Powered by phpMyDesktop|arcade v1.0...
CVE-2014-0135
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
Design/Logic Flaw
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
CVE-2014-0135
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
CVE-2014-0135
CVE-2014-0135 affects Kafo before 0.3.17 and 0.4.x before 0.5.2 (as used by Foreman). The issue is that default_values.yaml is world-readable, allowing local users to read passwords and other sensitive information. Remediation is to upgrade Kafo to 0.3.17+ or 0.4.x to 0.5.2+ (where fixed). If not...
CVE-2014-0135 rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
PhpMyDesktopArcade 1.0 Final - phpdns_basedir Remote File Inclusion
PhpMyDesktopArcade 1.0 Final - phpdnsbasedir Remote File Inclusion Name : PhpMyDesktop|arcade 1.0 Final phpdnsbasedir Remote File Include Download From : http://mesh.dl.sourceforge.net/sourceforge/pmd-arcade/pmdarcade10final.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Powere...
Dokeos 1.8.4 - Arbitrary File Upload
Dokeos 1.8.4 - Arbitrary File Upload Name : dokeos-1.8.4 Bypass Upload Shell From Your Profile Your Cpanel Download From : http://www.dokeos.com/download/dokeos-1.8.4.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : Google Dork : Platform Dokeos 1.8.4 © 2007...
CityWriter 0.9.7 head.php Remote File Inclusion Vulnerability
No description provided by source. Name : CityWriter 0.9.7 Remote File Include Download From : http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ============================================================================ Vulne...
citywriter-rfi.txt
Name : CityWriter 0.9.7 Remote File Include Download From : http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ============================================================================ Vulne Code In File head.php In Line 1:...
Fastpublish CMS 1.9999 config[fsBase] RFI Vulnerability
No description provided by source. Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...
CityWriter 0.9.7 - head.php Remote File Inclusion
CityWriter 0.9.7 - head.php Remote File Inclusion Name : CityWriter 0.9.7 Remote File Include Download From : http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...
viart-rfi.txt
Name : ViArt CMS 3.3.2 Remote File Include Download From : http://www.viart.com/downloads/viartcms-3.3.2.zip Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ============================================================================ Vulne Code : Line 4 : includeonce$rootfolderpath...
Fastpublish CMS 1.9999 - config[fsBase] Remote File Inclusion
Fastpublish CMS 1.9999 - configfsBase Remote File Inclusion Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet :...
fastpub-rfi.txt
Name : Fastpublish CMS 1.9999 configfsBase Remote File Include Download From : http://www.fastpublish.org/aufbau/phpcontent/downloadlist.php?action=download&id=53&sprache=en Found By : RoMaNcYxHaCkEr Home Page : Not Yet : ===========================================================================...