Lucene search
K

2363 matches found

exploitpack
exploitpack
added 2000/06/09 12:0 a.m.31 views

3R Soft MailStudio 2000 2.0 - Arbitrary File Access

3R Soft MailStudio 2000 2.0 - Arbitrary File Access source: https://www.securityfocus.com/bid/1335/info MailStudio 2000 is vulnerable to multiple attacks. It is possible for a remote user to gain read access to all files located on the server via the usage of the "/.." string passed to a CGI,...

1.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/05/12 12:0 a.m.62 views

Gnapster Absolute Path Name Request Arbitrary File Access

An insecure Napster clone e.g. Gnapster or Knapster is running on the remote computer, which allows an intruder to read arbitrary files on this system, regardless of the shared status of the files. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10408; scriptversion...

7.5CVSS5.7AI score0.02748EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2000/04/25 12:0 a.m.23 views

MERCUR Mailserver Local Traversal Arbitrary File Access

According to its banner, the version of MERCUR Messaging running on the remote host has a directory traversal vulnerability. An authenticated, remote attacker could exploit this to read or write arbitrary files on the system. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...

7.5CVSS5.5AI score0.01191EPSS
Exploits1References2
securityvulns
securityvulns
added 2000/04/13 12:0 a.m.133 views

TalentSoft Web+ Input Validation Bug Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sword & Shield Enterprise Security, Inc. - Security Advisory www.sses.net, Copyright c 2000 Advisory: TalentSoft Web+ Input Validation Bug Vulnerability Release Date: April 12, 2000 Application: webpsvr Severity: A remote user can access web server...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2000/04/12 12:0 a.m.12 views

TalentSoft Web+ 4.x - Directory Traversal

TalentSoft Web+ 4.x - Directory Traversal source: https://www.securityfocus.com/bid/1102/info Web+ is an e-commerce server designed to run under a webserver, to provide web storefronts. The various scripts that are required to do this are specified to the webpsvr daemon via a 'script' variable...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2000/04/12 12:0 a.m.31 views

TalentSoft Web+ 4.x - Directory Traversal

source: https://www.securityfocus.com/bid/1102/info Web+ is an e-commerce server designed to run under a webserver, to provide web storefronts. The various scripts that are required to do this are specified to the webpsvr daemon via a 'script' variable passed to the webplus CGI. This CGI can be...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/04/12 12:0 a.m.35 views

Netscape PSCOErrPage.htm errPagePath Parameter Traversal Arbitrary File Access

The '/PSUser/PSCOErrPage.htm' CGI allows a malicious user to view any file on the target computer by issuing a GET request : GET /PSUser/PSCOErrPage.htm?errPagePath=/file/to/read %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5CVSS5.5AI score0.0377EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2000/04/12 12:0 a.m.49 views

TalentSoft Web+ webplus CGI Traversal Arbitrary File Access

The 'webplus' CGI allows an attacker to view any file on the target computer by requesting : GET /cgi-bin/webplus?script=/../../../../etc/passwd %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10367; scriptversion"1.33"; scriptcveid"CVE-2000-0282"...

5CVSS5.4AI score0.0777EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2000/04/03 12:0 a.m.60 views

Stalker CommuniGate Pro 3.2.4 - Arbitrary File Read

source: https://www.securityfocus.com/bid/1493/info A vulnerability exists in the CommuniGate Pro product, from Stalker. It is possible to exploit this vulnerability to read arbitrary files on the filesystem. As CommuniGate Pro runs as root, any file can be accessed. Using this flaw, it is possib...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/03/17 12:0 a.m.53 views

Sojourn Search Engine sojourn.cgi cat Parameter Traversal Arbitrary File Access

The 'sojourn.cgi' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10349;...

5CVSS5.4AI score0.07396EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2000/02/08 12:0 a.m.155 views

Microsoft IIS idq.dll Traversal Arbitrary File Access

There is a vulnerability in idq.dll which allows any remote user to read any file on the target system through the 'query.idq' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10115; scriptversion"1.38";...

5CVSS5.5AI score0.45661EPSS
Exploits0References2
CVE
CVE
added 2000/02/04 5:0 a.m.163 views

CVE-1999-0737

CVE-1999-0737 : The IIS/Site Server sample file viewcode.asp allows remote attackers to read arbitrary files, causing information disclosure. Affected component: the viewcode.asp file on Microsoft Internet Information Services (IIS) / Site Server. Root cause: the file exposes the server’s filesys...

5CVSS6.7AI score0.28085EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2000/01/09 12:0 a.m.26 views

AltaVista Intranet Search CGI query Traversal Arbitrary File Access

It is possible to read the content of any files on the remote host such as your configuration files or other sensitive data by using the Altavista Intranet Search service, and performing the request: %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5CVSS5.5AI score0.05917EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2000/01/09 12:0 a.m.27 views

Home Free search.cgi Traversal Arbitrary File Access

The remote web server contains a CGI script that fails to sanitize user input to the 'letter' parameter of the 'search.cgi' script of directory traversal sequences. An unauthenticated attacker can exploit this issue to read arbitrary files from the affected host, subject to the privileges under...

5CVSS5.8AI score0.05836EPSS
Exploits0References2
NVD
NVD
added 2000/01/06 5:0 a.m.14 views

CVE-2000-0044

Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands...

10CVSS6.8AI score0.03072EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/12/13 12:0 a.m.69 views

Matt Wright FormHandler.cgi Arbitrary File Access

The 'FormHandler.cgi' CGI application installed on the remote host is affected by an information disclosure vulnerability that lets anyone read arbitrary files with the privileges of the web server. An unauthenticated, remote attacker can exploit this to disclose sensitive information, which coul...

5CVSS5.8AI score0.07851EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 1999/11/10 12:0 a.m.134 views

F5 BIG/ip bigconf.cgi file Parameter Arbitrary File Access

The 'bigconf' CGI is installed. This CGI has a well-known security flaw that allows an attacker to execute arbitrary commands with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

5CVSS5.9AI score0.08593EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 1999/11/05 12:0 a.m.3626 views

Web Server Directory Traversal Arbitrary File Access

It appears possible to read arbitrary files on the remote host outside the web server's document directory using a specially crafted URL. An unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. Note that this plugin is not limit...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/11/05 12:0 a.m.145 views

FTPGate Web Proxy Traversal Arbitrary File Access

It is possible to read arbitrary files on the remote server by prepending ../../ or ....\ in front of the file name. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10091; scriptversion "1.24"; scriptcvsdate"Date: 2018/08/10 18:07:08"; scriptnameenglish:"FTPGate Web...

5.7AI score
Exploits0
Cvelist
Cvelist
added 1999/09/29 4:0 a.m.24 views

CVE-1999-0466

The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device...

6.4AI score0.00348EPSS
Exploits0References1
Rows per page
Query Builder