Lucene search
K

5637 matches found

exploitpack
exploitpack
added 2001/12/17 12:0 a.m.23 views

webmin 0.91 - Directory Traversal

webmin 0.91 - Directory Traversal source: https://www.securityfocus.com/bid/3698/info Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms, you can setup user accounts, Apache, DNS, file sharing and so on. Webmin will run on most Uni...

Exploits0
CERT
CERT
added 2001/11/15 12:0 a.m.32 views

Digital Unix msgchk vulnerable to file contents disclosure via symlink redirection of profile

Overview msgchk, a part of the MH mail system, reads the user's .mhprofile in order to obtain configuration options. If the .mhprofile is linked to another file with illegal format, the first line of that file will be displayed in an error message by msgchk. Description msgchk is the portion of t...

2.1CVSS6AI score0.01107EPSS
Exploits1References1
CVE
CVE
added 2001/09/12 4:0 a.m.58 views

CVE-1999-1418

CVE-1999-1418 affects ICQ99 ICQ web server build 1701 with “Active Homepage” enabled. The vulnerability allows remote attackers to infer the existence of files on the server by comparing responses: a “404 Forbidden” when a file exists vs “404 not found” when it does not. The provided documents do...

5CVSS5.5AI score0.01309EPSS
Exploits0References2Affected Software1
CERT
CERT
added 2001/09/10 12:0 a.m.22 views

Beck GmbH IPC@CHIP HTTPD vulernable to arbitrary file disclosure

Overview The Beck IPC@CHIP web server permits intruders to access files outside the web root. Description The Beck IPC@CHIP is a single chip embedded webserver. The Web Server's root directory is set to / by default. Because of this default setting, an attacker can download arbitrary files from a...

7.5CVSS6.5AI score0.01727EPSS
Exploits1References2
exploitpack
exploitpack
added 2001/09/07 12:0 a.m.20 views

Power Up HTML 0.8033 Beta - Directory Traversal Arbitrary File Disclosure

Power Up HTML 0.8033 Beta - Directory Traversal Arbitrary File Disclosure source: https://www.securityfocus.com/bid/3304/info Power Up HTML is a set of HTML-like commands that can be placed into web pages. It provides a central routing point to simplify programming and customization of CGI script...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2001/09/07 12:0 a.m.37 views

Power Up HTML 0.8033 Beta - Directory Traversal Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/3304/info Power Up HTML is a set of HTML-like commands that can be placed into web pages. It provides a central routing point to simplify programming and customization of CGI scripts. A vulnerability exists in Power Up HTML which allows directory traversa...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/08/22 12:0 a.m.36 views

[SNS Advisory No.38] Trend Micro Virus Buster (Ver.3.5x) Remote File Disclosure With IUSER Privilege Vulnerability

---------------------------------------------------------------------- SNS Advisory No.38 Trend Micro Virus Buster Ver.3.5x Remote File Disclosure With IUSER Privilege Vulnerability Problem first discovered: Wed, 18 Jul 2001 Published: Mon, 20 Aug 2001...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2001/08/22 12:0 a.m.25 views

[SNS Advisory No.39] WinWrapper Professional 2.0 Remote Arbitrary File Disclosure Vulnerability

---------------------------------------------------------------------- SNS Advisory No.39 WinWrapper Professional 2.0 Remote Arbitrary File Disclosure Vulnerability Problem first discovered: Mon, 16 Jul 2001 Published: Mon, 20 Aug 2001...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2001/07/27 12:0 a.m.19 views

PHP-Nuke 5.0 - user.php Form Element Substitution

PHP-Nuke 5.0 - user.php Form Element Substitution source: https://www.securityfocus.com/bid/3107/info PHP-Nuke is a website creation/maintenance tool written in PHP3. If a malicious user may subtitute arbitrary values for image form elements in the PHP-Nuke User Registration Form by saving the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/07/27 12:0 a.m.29 views

PHP-Nuke 5.0 - 'user.php' Form Element Substitution

source: https://www.securityfocus.com/bid/3107/info PHP-Nuke is a website creation/maintenance tool written in PHP3. If a malicious user may subtitute arbitrary values for image form elements in the PHP-Nuke User Registration Form by saving the webpage locallyas 'user.php.html' and altering the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2001/07/18 12:0 a.m.41 views

QDAV-2001-7-3

Interactive Story File Disclosure Vulnerability qDefense Advisory Number QDAV-2001-7-3 Product: Interactive Story Vendor: Valerie Mates http://www.valeriemates.com Severity: Remote; Attacker may read arbitrary file Versions Affected: Version 1.3 Vendor Status: Vendor contacted; has released new...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/07/16 12:0 a.m.27 views

Interactive Story File Disclosure Vulnerability

Interactive Story File Disclosure Vulnerability qDefense Advisory Number QDAV-2001-7-3 Product: Interactive Story Vendor: Valerie Mates http://www.valeriemates.com Severity: Remote; Attacker may read arbitrary file Versions Affected: Version 1.3 Vendor Status: Vendor contacted; has released new...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2001/07/13 12:0 a.m.11 views

Horde 1.2.x2.1.3 and Imp 2.2.x3.1.2 - File Disclosure

Horde 1.2.x2.1.3 and Imp 2.2.x3.1.2 - File Disclosure source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/07/13 12:0 a.m.25 views

Horde 1.2.x/2.1.3 and Imp 2.2.x/3.1.2 - File Disclosure

source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI parameters. By specifying a malicious INBOX file in a request,...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/07/06 12:0 a.m.15 views

Basilix Webmail 1.0 - File Disclosure

Basilix Webmail 1.0 - File Disclosure source: https://www.securityfocus.com/bid/2995/info Basilix is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. During operation, Basilix opens a PHP include file using a variable as...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/07/06 12:0 a.m.30 views

Basilix Webmail 1.0 - File Disclosure

source: https://www.securityfocus.com/bid/2995/info Basilix is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. During operation, Basilix opens a PHP include file using a variable as the filename that can be supplied...

7.4AI score
Exploits0
CERT
CERT
added 2001/06/22 12:0 a.m.25 views

ScreamingMedia SITEware does not adequately validate user input thereby allowing arbitrary file disclosure via directory traversal

Overview A vulnerability exists in ScreamingMedia's SiteWare Editor's Desktop that allows an intruder to read arbitrary files within the SiteWare web hierarchy. Description SiteWare Editor's Desktop is a web-based administration tool for manipulating ScreamingMedia content on a SiteWare web serve...

10CVSS6.1AI score0.14967EPSS
Exploits1References4
exploitpack
exploitpack
added 2001/06/21 12:0 a.m.10 views

1C: Arcadia Internet Store 1.0 - Arbitrary File Disclosure

1C: Arcadia Internet Store 1.0 - Arbitrary File Disclosure source: https://www.securityfocus.com/bid/2902/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of...

Exploits0
Exploit DB
Exploit DB
added 2001/06/21 12:0 a.m.31 views

1C: Arcadia Internet Store 1.0 - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/2902/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of the components of this package, 'tradecli.dll', allows use...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/06/18 12:0 a.m.32 views

DC Scripts DCShop Beta 1.0 02 - File Disclosure (1)

DC Scripts DCShop Beta 1.0 02 - File Disclosure 1 source: https://www.securityfocus.com/bid/2889/info DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential ord...

7.4AI score
Exploits0
Rows per page
Query Builder