uploading software vulnerabilities
vulnerabilities.aspcode.net
Searching uploading software vulnerabilities
The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.
The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoking the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code.
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.
PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.
IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP.
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to cause a denial of service (disk consumption) via a REST command with a large argument, then uploading a small file using the STOR command.
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.
ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory.
The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 and earlier allows remote attackers to upload arbitrary PHP scripts, whose file extensions are not filtered.
I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.
The "upload a language pack" feature in paFAQ 1.0 Beta 4 allows remote authenticated administrators to execute arbitrary PHP commands by uploading a malicious language pack.
admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory.
write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
Software vulnerabilities results 1 to 20 of 85