9564 matches found
SquirrelMail 1.4.5-RC1 - Arbitrary Variable Overwrite
SquirrelMail 1.4.5-RC1 - Arbitrary Variable Overwrite SquirrelMail Arbitrary Variable Overwrite Vendor: The SquirrelMail Project Team Product: SquirrelMail Version: = 1.4.5-RC1 Website: http://www.squirrelmail.org/ BID: 14254 CVE: CVE-2005-2095 SECUNIA: 16058 PACKETSTORM: 38709 Description:...
Q-shell - Quick Shell for Unix Administrator
q-shell is quick shell for remote login into Unix system, it use blowfish crypt algorithm to protect transport data from client to server, you can get two program: 'qsh' for client, and 'qshd' for server, those program can rename by any name with you prefer. Compile Just enter 'make' and it will...
CVE-2015-5456
PivotX is affected by CVE-2015-5456: an XSS in the form method (modules/formclass.php) present in PivotX versions before 2.3.11. The vulnerability is triggered via PATH_INFO (related to PHP_SELF) and form actions, allowing remote injection of script/html with no authentication. NVD notes CVSSv2 b...
DedeCMS < 5.7-sp1 - Remote File Inclusion Vulnerability
Exploit for php platform in category web applications ========================== Exploit Title: Dedecms variable coverage leads to getshell Date: 26-06-2015 Vendor Homepage: http://www.dedecms.com/ Version: dedecms 5.7-sp1 and all old version CVE : CVE-2015-4553 ===========================...
CVE-2015-3202
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...
DEBIAN-CVE-2015-3202
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...
Design/Logic Flaw
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...
CVE-2015-3202
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...
DeDeCMS < 5.7-sp1 - Remote File Inclusion
========================== Exploit Title: Dedecms variable coverage leads to getshell Date: 26-06-2015 Vendor Homepage: http://www.dedecms.com/ Version: dedecms 5.7-sp1 and all old version CVE : CVE-2015-4553 =========================== CVE-2015-4553Dedecms variable coverage leads to getshell...
Endian Firewall 3.0.0 - OS Command Injection (Metasploit)
Endian Firewall 3.0.0 - OS Command Injection Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Endian Firewall %q This module exploits an OS command injection vulnerabilit...
DeDeCMS 5.7-sp1 - Remote File Inclusion
DeDeCMS 5.7-sp1 - Remote File Inclusion ========================== Exploit Title: Dedecms variable coverage leads to getshell Date: 26-06-2015 Vendor Homepage: http://www.dedecms.com/ Version: dedecms 5.7-sp1 and all old version CVE : CVE-2015-4553 =========================== CVE-2015-4553Dedecms...
Design/Logic Flaw
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers aka SystemEDGE 12....
Design/Logic Flaw
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers aka SystemEDGE 12....
CVE-2015-3316
CVE-2015-3316 affects CA Common Services and multiple CA products (e.g., CA Client Automation, CA Network and Systems Management, NSM Job Management Option, Universal Job Management Agent, SystemEDGE, and CA Workload Automation AE) on UNIX. The root cause is insecure handling of an environment va...
CVE-2015-3316
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers aka SystemEDGE 12....
Microsoft Internet Explorer hr Element Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
php -- arbitrary code execution
cmb reports: When delayed variable substitution is enabled can be set in the Registry, for instance, !ENV! works similar to %ENV%, and the value of the environment variable ENV will be subsituted...
CA Common Services Variable Handling Local Elevation of Privilege Vulnerability
CA is a leading global provider of IT management software and solutions, with products and technologies that span the full spectrum of IT environments, from mainframes to distributed systems, from virtualization to the cloud. A security vulnerability in CA Common Services' handling of specially...
CVE-2015-3202
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...
UBUNTU-CVE-2015-3202
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking 1 mount or 2 umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNTMTAB environment variable that is used by mount's debugging feature...