Lucene search
K

71 matches found

OSV
OSV
added 2021/06/06 10:15 p.m.5 views

UBUNTU-CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8CVSS7.6AI score0.03285EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2021/06/06 9:4 p.m.3 views

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

7.1AI score0.03285EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2021/06/06 9:4 p.m.48 views

CVE-2017-20005

NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow or a false modification date far in the future, when encountered by the autoindex module...

9.8CVSS9.8AI score0.03285EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2017/08/28 12:0 a.m.8 views

PT-2017-4158

Name of the Vulnerable Software and Affected Versions NGINX versions prior to 1.13.6 Description The issue is related to the autoindex module's incorrect handling of years exceeding four digits, which can cause an integer overflow. This can be triggered by a file with a modification date in the...

9.8CVSS7.7AI score0.62597EPSS
Exploits7References39
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

AutoIndex PHP Script (index.php) Directory Traversal Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

AutoIndex PHP Script 2.2.1 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25448/info AutoIndex PHP Script is prone a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

AutoIndex PHP Script 2.2.2/2.2.3 Index.PHP Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26410/info AutoIndex PHP Script is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected input. Successfully exploiting this issue allows remote attackers to consume...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

AutoIndex PHP Script 2.2.2 PHP_SELF Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2011/06/22 11:31 p.m.6 views

apr: unconstrained recursion in apr_fnmatch

Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

4.3CVSS7.2AI score0.30406EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2011/06/22 11:14 p.m.8 views

apr: unconstrained recursion in apr_fnmatch

Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

4.3CVSS7.2AI score0.30406EPSS
Exploits5References4
OSV
OSV
added 2011/05/16 5:55 p.m.1 views

DEBIAN-CVE-2011-0419

Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

4.3CVSS6.5AI score0.30406EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2011/05/11 10:23 p.m.6 views

apr: unconstrained recursion in apr_fnmatch

Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

4.3CVSS7.2AI score0.30406EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.7 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2010/01/07 12:0 a.m.27 views

AutoIndex PHP Script Directory Traversal

+===================================================================================+ ./SEC-R1Z / / / / /\ \ |/ / \ \ / / / / | | / | | / / \ / / / / | || / | | / / \ \ \ \2009 | \ | | / / / \ /\ / ||\ \ ||/ \ R.I.P MichaelJackson !!!!!...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/07 12:0 a.m.27 views

AutoIndex PHP Script - 'index.php' Directory Traversal

============================================================================== ? AutoIndex PHP Script index.php Directory Traversal Vulnerability ============================================================================== ? My home: http://sec-r1z.com ? Script: AutoIndex PHP Script ? Language:...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/01/07 12:0 a.m.33 views

AutoIndex PHP Script (index.php) Directory Traversal Vulnerability

Exploit for unknown platform in category web applications ================================================================== AutoIndex PHP Script index.php Directory Traversal Vulnerability ================================================================== ? Script: AutoIndex PHP Script ? Languag...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/01/07 12:0 a.m.19 views

AutoIndex PHP Script - index.php Directory Traversal

AutoIndex PHP Script - index.php Directory Traversal ============================================================================== ? AutoIndex PHP Script index.php Directory Traversal Vulnerability ============================================================================== ? My home:...

0.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2008/06/30 3:29 p.m.8 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/05/20 2:12 p.m.7 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7AI score0.26188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/01/15 9:38 a.m.5 views

mod_autoindex XSS

Cross-site scripting XSS vulnerability in modautoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that th...

6.1CVSS7.3AI score0.26188EPSS
Exploits0References4
Rows per page
Query Builder