2823 matches found
Code injection
Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...
CVE-2006-0202
Dave Nielsen and Patrick Breitenbach PayPal Web Services aka PHP Toolkit 0.50 and possibly earlier has 1 world-readable permissions for ipn/logs/ipnsuccess.txt, which allows local users to view sensitive information payment data, and 2 world-writable permissions for ipn/logs, which allows local...
CVE-2006-0202
CVE-2006-0202 affects PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier. The issue is due to insecure filesystem permissions: ipn/logs/ipn_success.txt is world-readable, allowing local users to view payment data, and ipn/logs is world-writable, enabling local users to delete or repl...
CVE-2005-2713
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option...
PT-2005-4719 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the patchday that contains the fix for this issue Description: This issue allows local users to kill a writable process by using the CreateRemoteThread function with certain arguments on a process that has...
n13SQL.php.txt
.::KingOfSka N-13 News Remote PHP Shell Injection::. || http://contropotere.altervista.org || .::KingOfSka N-13 News PHP Shell Injection::. || Contro Potere Hacking Crew || ' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile"; $sql = urlencode$sql; $expurl= $url."?id=".$sql ; echo ' Click Here to Exploit '; ech...
BSD ftpd Single Byte Buffer Overflow
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges. OpenVAS Vulnerability Test $Id: ftpd1byteoverflow.nasl 6522 2017-07-04 15:22:28Z cfischer $ Description: BSD ftpd Single Byte Buffer Overflow Authors: Xue Yong Zhi Copyright:...
CVE-2005-3291
Stani's Python Editor SPE 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files...
CVE-2005-3291
SPE 0.7.5 on Gentoo is affected by world-writable file permissions, allowing a local user to modify executables and potentially execute arbitrary code with the user’s privileges. The Gentoo GLSA 200510-13 and Gentoo advisory GLSA describe the issue and recommend upgrading SPE to the latest versio...
CVE-2005-3291
Stani's Python Editor SPE 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files...
SPE Python Integrated Development Environment weak permissions
Application's files are world writable...
CVE-2005-3179
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information...
The detection of a account on the default permissions of the directory is writable for the script-vulnerability warning-the black bar safety net
Author: invincible most lonelyE. S. T source: evil octal China in the web after the invasion,often be looking for a writable directory to upload the webshell or other things,this is a critical issue. Most of the administrators to some system directory, do the permissions to change settings,but...
FTP Writable Directories
By crawling through the remote FTP server, Nessus discovered several directories were marked as being world-writable. This could have several negative impacts : - Temporary file uploads are sometimes immediately available to all anonymous users, allowing the FTP server to be used as a 'drop' poin...
DEBIAN-CVE-2005-2656
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...
CVE-2005-2656
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...
CVE-2005-2656
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...
CVE-2005-2656
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...
CVE-2005-2656
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service disk consumption and possibly perform other unauthorized activities...
Debian DSA-794-1 : polygen - programming error
Justin Rye noticed that polygen generates precompiled grammar objects world-writable, which can be exploited by a local attacker to at least fill up the filesystem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...