WordPress Plugin Zingiri 2.2.3 - ajax_save_name.php Remote Code Execution

WordPress Plugin Zingiri 2.2.3 - ajaxsavename.php Remote Code Execution get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45...

Wing FTP Server HTTP Directory Traversal Vulnerability

Christian Navarrete has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an input validation error when processing HTTP requests. This can be exploited to access files outside the web ro...

Java Mini Web Server <= 1.0 Path Traversal and Cross Site Scripting

Exploit for multiple platform in category remote exploits =================================================================== Java Mini Web Server | www.DigitalWhisper.co.il Software Link: http://www.jibble.org/miniwebserver/ Version: YOURXSSHEREWork?Index of %00"Work?Index of %00"Work? Work?...

Mura CMS

ONSEC-09-020 Mura CMS root folder disclosure Objective: Mura CMS = 5.1 Type: Disclosure of ways Threat: Medium Date Discovered: 22.09.2009 Date of notification Developer: 22.09.2009 Released corrections: Author: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Description: content...

Mura CMS 5.1 Root folder disclosure

Exploit for unknown platform in category web applications =================================== Mura CMS 5.1 Root folder disclosure =================================== Objective: Mura CMS = 5.1 Type: Disclosure of ways Threat: Medium Date Discovered: 22.09.2009 Date of notification Developer:...

Mura CMS 5.1 Root folder disclosure

No description provided by source. ONSEC-09-020 Mura CMS root folder disclosure Objective: Mura CMS = 5.1 Type: Disclosure of ways Threat: Medium Date Discovered: 22.09.2009 Date of notification Developer: 22.09.2009 Released corrections: Author: Vladimir Vorontsov OnSec Russian Security Group...

Amiro.CMS 5.4.0.0 Root Folder Disclosure

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ONSEC-09-005 Amiro.CMS root folder disclosure Objective: Amiro CMS = 5.4.0.0 Type: Disclosure of ways Threat: Medium Date Discovered: 01.07.2009 Date of notification Developer: 01.07.2009...

Viart shopping cart 3.5 - Multiple Vulnerabilities

=============================================================== !vuln ViArt Shopping Cart v3.5 is prone to multiple remote vulnerabilities. Earlier versions may also be affected. ===============================================================...

Cpanel fantastico Privilege Escalation &quot;ModSec and PHP restriction Bypass&quot;

Script : Cpanel 11.x bug : language.php edite file exploit=Cpanel fantastico Privilege Escalation "ModSec and PHP restriction Bypass" safemode off , modsecurity off Disable functions : All NONE ,access root folder ?php / Deadly Script by Super-Crystal bypass Cpanel fantastico www.arab4services.ne...

CVE-2002-1184

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access Everyone:F and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan hor...

Microsoft Security Bulletin MS02-064: Windows 2000 Default Permissions Could Allow Trojan Horse Program &#40;Q327522&#41;

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Windows 2000 Default Permissions Could Allow Trojan Horse Program Q327522 Date: 30 October 2002 Software: Windows 2000 Impact: Trojan Horse program execution Max Risk: Moderate...

Windows Apache directory traversal

It's possible to leave web rot folder by using backslash...

FrontPage 98Personal WebServer 1.0 Personal Web Server 2.0 - htimage.exe File Existence Disclosure

FrontPage 98Personal WebServer 1.0 Personal Web Server 2.0 - htimage.exe File Existence Disclosure source: https://www.securityfocus.com/bid/1141/info htimage.exe can be used to determine if a specified path and filename exists on the target host or not. The specified path must be on the same...