CVE-2013-1807

PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information via a direct request to the backup file in administration/dbbackups/...

CVE-2014-2042

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory ...

CVE-2014-2893

The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users to obtain sensitive information or overwrite arbitrary files via a symlink attack on temporary directories with predictable names...

CVE-2013-4472

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names...

Design/Logic Flaw

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names...

Authentication flaw

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

CA 2E Web Option session spooging

Pridictable session token...

Kemana Directory 1.5.6 Database Backup Disclosure Vulnerability

Kemana Directory version 1.5.6 suffers from a database backup disclosure vulnerability. ?php / Kemana Directory 1.5.6 Database Backup Disclosure Exploit Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with...

Kemana Directory 1.5.6 Database Backup Disclosure

$total return; ifempty$starttime $starttime=time; $n...

Kemana Directory 1.5.6 Database Backup Disclosure Exploit

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...

Kemana Directory 1.5.6 - Database Backup Disclosure

$total return; ifempty$starttime $starttime=time; $now...

Fedora 20 : jansson-2.6-1.fc20 (2014-3778)

Florian Weimer of the Red Hat Product Security Team found that the hashing implementation in Jansson, a library for encoding, decoding and manipulating JSON data, was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause an application using Jansson to use an...

Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)

There exists a vulnerability in Squid Web Proxy Cache in the processing of DNS lookups. The flaw is caused by predictable transaction identifiers in DNS requests generated by Squid. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the targe...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

Code injection

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

CA 2E Web Option 8.1.2身份验证绕过漏洞

CVECAN ID: CVE-2014-1219 CA 2E Web Option是CA 2E应用Web接口开发工具。 CA 2E Web Option r8.1.2生成会议令牌的方式可以预测，在实现上存在安全漏洞，这可使远程攻击者绕过身份验证机制。 0 CA 2E Web Option 8.1.2 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.ca.com/us//media/files/productbriefs/cs3003-ca-2e-web-option.aspx Vulnerability title:...