placing software vulnerabilities
vulnerabilities.aspcode.net
Searching placing software vulnerabilities
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk.
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file.
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to execute arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed by the attacker.
Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.
Untrusted search path vulnerability in the TrueVector service (VSMON.exe) in Zone Labs ZoneAlarm 6.x and Integrity does not search ZoneAlarm's own folders before other folders that are specified in a user's PATH, which might allow local users to execute code as SYSTEM by placing malicious DLLs into a folder that has insecure permissions, but is searched before ZoneAlarm's folder. NOTE: since this issue is dependent on the existence of a vulnerability in a separate product (weak permissions of executables or libraries, or the execution of malicious code), perhaps it should not be included in CVE.
PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[sipssys] parameter. NOTE: the product's documentation recommends placing the affected file outside of the web root, so the scope of the issue is limited to admins who do not, or cannot, follow this recommendation.
Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a user from establishing a direct SMTP session. NOTE: this is a different type of issue than CVE-2006-5262.
Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions, allows local users to provide a Trojan horse iphlpapi.dll to SKPF by placing it in the installation directory.
scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability than CVE-2005-2568.
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI.
Unrestricted file upload vulnerability in includes/upload_file.php in DmCMS allows remote attackers to upload arbitrary PHP scripts by placing a script's contents in both the File2 and File3 parameters, and sending a ok.php?do=act Referer.
shared/code/tce_tmx.php in TCExam 4.0.011 and earlier allows remote attackers to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php.
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.
index.php in Ryan Haudenschilt Family Connections (FCMS) before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcms_login_id cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter.
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory.
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in php(Reactor) 1.2.7pl1 allow remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter to (1) ekilat.com-int.tpl.php, (2) phpreactor.org-top.tpl.php, or (3) ekilat.com-top.tpl.php in examples/. NOTE: this issue has been disputed by CVE, since the vulnerability is present only when the product is incorrectly installed by placing examples/ under the web root.
Software vulnerabilities results 1 to 20 of 22