CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 1999/06/22 12:0 a.m.•68 views

Multiple Vendor test-cgi Arbitrary File Access

The remote web server contains the 'test-cgi' test script, which is included by default with some web servers. The version of this script on the remote host fails to quote input to several environment variables, such as 'QUERYSTRING', before echoing it back as part of a shell script. An...

5CVSS5.6AI score0.85207EPSS

Tenable Nessus•added 1999/06/22 12:0 a.m.•134 views

NCDSA HTTPd nph-test-cgi Arbitrary Directory Listing

The remote web server contains the 'nph-test-cgi' test script, which is included by default with some web servers. The version of this script on the remote host fails to quote input to several environment variables, such as 'QUERYSTRING', before echoing it back as part of a shell script. An...

7.5CVSS5.6AI score0.37114EPSS

Exploits0References1

exploitpack•added 1999/06/03 12:0 a.m.•28 views

Apple Mac OSX Server 10.0 - Overload

Apple Mac OSX Server 10.0 - Overload source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP...

Exploit DB•added 1999/06/03 12:0 a.m.•45 views

Apple Mac OSX Server 10.0 - Overload

source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GET request to a CGI script in a loo...

NVD•added 1999/06/01 4:0 a.m.•10 views

CVE-1999-1063

CDomain whoisraw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter...

10CVSS7.6AI score0.04425EPSS

Exploits1References3

NVD•added 1999/02/19 5:0 a.m.•9 views

CVE-1999-1255

Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an editfile action parameter...

5CVSS6.7AI score0.00429EPSS

NVD•added 1998/11/09 5:0 a.m.•8 views

CVE-1999-1155

LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...

7.5CVSS0.02795EPSS

Exploits1References3

NVD•added 1998/08/04 4:0 a.m.•8 views

CVE-1999-0262

Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string...

7.5CVSS0.05383EPSS

NVD•added 1998/05/15 4:0 a.m.•7 views

CVE-1999-1179

Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands...

7.5CVSS0.0083EPSS

Exploits0References1

exploitpack•added 1998/03/03 12:0 a.m.•16 views

Info2www 1.01.1 - CGI Input Handling

Info2www 1.01.1 - CGI Input Handling source: https://www.securityfocus.com/bid/1995/info The info2www script allows HTTP access to information stored in GNU EMACS Info Nodes. This script fails to properly parse input and can be used to execute commands on the server with permissions of the web...

NVD•added 1998/03/01 5:0 a.m.•6 views

CVE-1999-0266

The info2www CGI script allows remote file access or remote command execution...

7.5CVSS0.0373EPSS

Exploits1References1

exploitpack•added 1997/07/15 12:0 a.m.•11 views

NCSA httpd-campas 1.2 - sample script

NCSA httpd-campas 1.2 - sample script source: https://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer...

7.3AI score

Exploit DB•added 1997/07/15 12:0 a.m.•25 views

NCSA httpd-campas 1.2 - sample script

source: https://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer maintained, but version 1.2 of the script itse...

NVD•added 1996/12/10 5:0 a.m.•11 views

CVE-1999-0045

List of arbitrary files on Web host via nph-test-cgi script...

7.5CVSS0.37114EPSS

Exploits0References1

Exploit DB•added 1996/07/03 12:0 a.m.•51 views

Novell NetWare Web Server 2.x - convert.bas

source: https://www.securityfocus.com/bid/2025/info Novell NetWare Web Server 2.x versions came with a CGI written in BASIC called convert.bas. This script allows retrieval of files outside of the normal web server context. This can be accomplished simply by submitting the filename and path as a...

7AI score

exploitpack•added 1996/07/03 12:0 a.m.•13 views

Novell NetWare Web Server 2.x - convert.bas

Novell NetWare Web Server 2.x - convert.bas source: https://www.securityfocus.com/bid/2025/info Novell NetWare Web Server 2.x versions came with a CGI written in BASIC called convert.bas. This script allows retrieval of files outside of the normal web server context. This can be accomplished simp...

0.2AI score

exploitpack•added 1996/04/01 12:0 a.m.•12 views

Apache 0.8.x1.0.x NCSA HTTPd 1.x - test-cgi Directory Listing

Apache 0.8.x1.0.x NCSA HTTPd 1.x - test-cgi Directory Listing source: https://www.securityfocus.com/bid/2003/info NCSA HTTPd and comes with a CGI sample shell script, test-cgi, located by default in /cgi-bin. This script does not properly enclose an "ECHO" command in quotes, and as a result "shel...