Posts Tagged ‘traversal’

Android Gmail Attachment Download Directory Traversal

There is a directory traversal issue in attachment downloads in Gmail. For non-gmail accounts, there is no path sanitization on the attachment filename in the email, so when attachments are downloaded, a file with any name and any contents can be written to anywhere on the filesystem that the Gmail app can access. Source: Android […]


Cloudview NMS 2.00b Writable Directory Traversal Execution

This Metasploit module exploits a vulnerability found in Cloudview NMS server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context ‘SYSTEM’. Source: Cloudview NMS 2.00b Writable Directory Traversal Execution