3 matches found
CVE-2016-10345
In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user...
robin twombly a1 http server 1.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2436/info It is possible for a remote user to gain read access to directories and files outside the web root. Requesting a specially crafted URL composed of '../' sequences will disclose an arbitrary directory, appending...
Microsoft Internet Explorer 5 \'INPUT TYPE=FILE\' Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2045/info One of the ways users submit information to remote websites is through the INPUT type form options. Users can upload files to remote webservers with the input type=FILE option. Due to a design error in the...