1368 matches found

OSV
added 2018/07/03 5:29 p.m. | 3 views

CVE-2018-11637

Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root...

CVSS 7.5 | AI score 5.9 | EPSS 0.0205
Exploits: 1 | References: 1

Cvelist
added 2018/07/03 5:0 p.m. | 12 views

CVE-2018-11637

Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root...

AI score 7.5 | EPSS 0.0205
Exploits: 1 | References: 1

IBM Security Bulletins
added 2018/06/16 9:30 p.m. | 25 views

Security Bulletin: IBM QRadar SIEM is vulnerable to path traversal attack. (CVE-2015-2007)

Summary: A Path Traversal attack aims to access files and directories that are stored outside the web root folder. Vulnerability Details: CVE-ID: CVE-2015-2007. Description: IBM QRadar could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL...

CVSS 5 | AI score 1.8 | EPSS 0.0134
Exploits: 0 | Affected Software: 1

Hacker One
added 2018/05/24 5:10 p.m. | 48 views

Node.js third-party modules: [simplehttpserver] List any file in the folder by using path traversal.

I would like to report Path Traversal in simplehttpserver. It allows listing any file in another folder of the web root. Module: module name: simplehttpserver; version: 0.1.1; npm page: https://www.npmjs.com/package/simplehttpserver. Module Description: 'simpehttpserver' is a simple imitation of Python's...

CVSS 5 | AI score 0.5 | EPSS 0.02038
Exploits: 1

OSV
added 2018/04/26 5:29 a.m. | 14 views

CVE-2018-10423

mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...

CVSS 2.7 | AI score 4.2
Exploits: 0 | References: 1

Prion
added 2018/04/26 5:29 a.m. | 16 views

Design/Logic Flaw

mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...

CVSS 4 | AI score 4.1 | EPSS 0.01324
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2018/04/26 5:29 a.m. | 19 views

CVE-2018-10423

mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...

CVSS 4 | AI score 3.9 | EPSS 0.01324
Exploits: 1 | References: 1

Cvelist
added 2018/04/26 5:0 a.m. | 16 views

CVE-2018-10423

mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article...

AI score 3.9 | EPSS 0.01324
Exploits: 1 | References: 1

CNVD
added 2018/04/26 12:0 a.m. | 1 views

MiniCMS Information Disclosure Vulnerability (CNVD-2018-08993)

MiniCMS is a mini content management system CMS designed for personal websites. An information disclosure vulnerability exists in the mc-admin/post.php file in MiniCMS version 1.10. A remote attacker can exploit this vulnerability to view all files located in the web root path...

CVSS 4 | AI score 6.4 | EPSS 0.01324
Exploits: 1 | References: 1

OSV
added 2018/04/20 8:29 a.m. | 3 views

CVE-2018-10201

An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. It is possible to read arbitrary files outside the root directory of the web server. This vulnerability could be exploited remotely by a crafted URL without credentials, with .../ or ...\ or...

CVSS 7.5 | AI score 5.9 | EPSS 0.46058
Exploits: 5 | References: 4

Hacker One
added 2018/04/11 9:30 a.m. | 62 views

ExpressionEngine: RCE By import channel field

The reporter determined that a malicious Channel Set could be used to allow an administrator to upload a PHP file that they might otherwise not have permission to upload. Combined with the temporary folder name algorithm being available in the source code, the malicious administrator could...

AI score 1.8
Exploits: 0

NVD
added 2018/03/30 4:29 p.m. | 25 views

CVE-2018-9134

filemanagecontrol.php in DedeCMS 5.7 has CSRF in an fmdo=rename action, as demonstrated by renaming an arbitrary file under uploads/userup to a .php file under the web root to achieve PHP code execution. This uses the oldfilename and newfilename parameters...

CVSS 8.8 | AI score 8.9 | EPSS 0.00733
Exploits: 0 | References: 2

BDU FSTEC
added 2018/03/28 12:0 a.m. | 2 views

The vulnerability of the FileStorageService service in the automation software Track-It! allows a hacker to upload arbitrary files to the root directory of the web server and execute arbitrary code.

The vulnerability of the FileStorageService service in the automation software Track-It! is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to upload arbitrary files to the root directory of the web server and execute arbitrary code with privilege...

CVSS 10 | AI score 5.9 | EPSS 0.19584
Exploits: 4 | References: 5 | Affected Software: 1

Prion
added 2018/01/30 8:29 p.m. | 16 views

Design/Logic Flaw

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service FileStorageService on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...

CVSS 10 | AI score 8 | EPSS 0.19584
Exploits: 4 | References: 4 | Affected Software: 1

OSV
added 2017/12/20 6:29 p.m. | 1 views

CVE-2017-15532

Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack also known as directory traversal. These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary...

CVSS 5.7 | AI score 5.9
Exploits: 0 | References: 2

Prion
added 2017/11/08 5:29 a.m. | 21 views

Remote code execution

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...

CVSS 9 | AI score 6.9 | EPSS 0.04246
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2017/11/08 5:29 a.m. | 0 views

UBUNTU-CVE-2017-16660

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...

CVSS 7.2 | AI score 7.3 | EPSS 0.04246
Exploits: 1 | References: 3

OSV
added 2017/11/08 5:29 a.m. | 0 views

DEBIAN-CVE-2017-16660

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...

CVSS 7.2 | AI score 7.7 | EPSS 0.04246
Exploits: 1 | References: 1

Prion
added 2017/09/08 4:29 p.m. | 12 views

Design/Logic Flaw

Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web root with an easily guessable filename...

CVSS 5 | AI score 7.5 | EPSS 0.01167
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2017/09/08 4:29 p.m. | 2 views

CVE-2017-2550

Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web root with an easily guessable filename...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 1