arbitrary upload – WindowsTechs.com

VU#294272: ReadyDesk contains multiple vulnerabilities

Posted on August 16, 2016 by CERT

ReadyDesk,version 9.1 and possibly others,contains SQL injection,path traversal,hard-coded cryptographic key,and arbitrary file upload vulnerabilities that may be leveraged to expose sensitive data and execute arbitrary code in the context of the vulnerable software. Continue reading VU#294272: ReadyDesk contains multiple vulnerabilities→

VU#777024: Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities

Posted on February 3, 2016 by CERT

Netgear Management System NMS300,version 1.5.0.11 and earlier,is vulnerable to arbitrary file upload,which may be leveraged by unauthenticated users to execute arbitrary code with SYSTEM privileges. A directory traversal vulnerability enables authenticated users to download arbitrary files. Continue reading VU#777024: Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities→