152 matches found
FileBug v1.5.1 iOS - Directory Traversal Vulnerability
Document Title: =============== FileBug v1.5.1 iOS - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1342 Release Date: ============= 2014-10-14 Vulnerability Laboratory ID VL-ID: ==================================== 134...
OpenJDK: GnomeFileTypeDetector path access check (Libraries, 8004288)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not...
OpenJDK: GnomeFileTypeDetector path access check (Libraries, 8004288)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not...
File input control has access to full path — Mozilla
Mozilla security researcher mozbugra4 reported a mechanism to exploit the control when set to the file type in order to get the full path. This can lead to information leakage and could be combined with other exploits to target attacks on the local file system...
curl: local file access via unsafe redirects
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
CVE-2006-3682
awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the 1 year, 2 pluginmode or 3 month parameters...
File absolute path to access that support non-8 0 port-vulnerability warning-the black bar safety net
Get the current asp implementation file where the absolute path support with port absolute path to/end in solving some ofXMLdocuments called useful. Or applied to the thief program, the program is as follows //poweredBy Airzen //qq:3 9 1 9 2 1 7 0 //e mail:[email protected] //date:2004-12-03 //repo...
.Net server form authentication protection bypass
By using backslash in the request path it's possible to access protected file...
Ultraseek special DOS device access
Document path can contain special device name...
ACI 4D WebServer Directory traversal.
vendor: http://www.4d.com/ current version: 6.7 tested version: 6.57 , others? This directory transversal hole seems to work on ACI 4d webserver running on the NT platform. I would imagine exploitation on a macos box would be similar but would require the proper mac filesystem path to the file yo...
Vulnerability in Soft Lite ServerWorx
----- Begin Hush Signed Message from [email protected] ----- Vulnerability in Soft Lite ServerWorx Overview Soft Lite ServerWorx v3.00 is a web server available from http://www.zdnet.com and http://www.softlite.net. A vulnerability exists which allows a remote user to break out of the web roo...
CVE-2000-0554
Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translatedpath hidden form field...