DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)
DC Scripts DCShop Beta 1.0 02 - File Disclosure 2 source: https://www.securityfocus.com/bid/2889/info DCShop is a CGI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential ord...
DC Scripts DCShop Beta 1.0 02 - File Disclosure (1)
source: https://www.securityfocus.com/bid/2889/info DCShop is a CGI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data, including credit card and other private...
DC Scripts DCShop Beta 1.0 02 - File Disclosure (2)
source: https://www.securityfocus.com/bid/2889/info DCShop is a CGI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data, including credit card and other private...
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "%3F+.htr"
Overview A vulnerability exists in Microsoft Internet Information Server (IIS) in which a crafted HTTP GET request may return the contents of a file on the affected server. A possible target of such a request might be a script that should only be executable, not readable, by unauthenticated remote users. The...
Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "+.htr"
Overview A vulnerability exists in Microsoft Internet Information Server IIS that could disclose sensitive information contained in CGI-type files. Typically a CGI/script file on a web server should only be executable and not readable to remote users. Sensitive information contained in CGI-type...
SiteWare 2.53.03.1 Editor Desktop - Directory Traversal
SiteWare 2.53.03.1 Editor Desktop - Directory Traversal source: https://www.securityfocus.com/bid/2868/info Screaming Media is a provider for custom web content. SiteWare Editor Desktop is the web-based administration tool for managing Screaming Media content. SiteWare Editor Desktop is prone to...
Apache 1.3.14 - Mac File Protection Bypass
Apache 1.3.14 - Mac File Protection Bypass source: https://www.securityfocus.com/bid/2852/info A vulnerability exists when Apache webserver is used with Mac OS X Client. The standard filesystem for Mac OS X is HFS+. HFS+ is case insensitive while Apache's filtering is case sensitive. The result i...
Security Bulletin MS01-025
Title: Index Server Search Function Contains Unchecked Buffer Date: 10 May 2001 Software: Index Server 2.0, Indexing Service for Windows 2000 Impact: Run code of attacker's choice; file disclosure Bulletin: MS01-025 Microsoft...
Holes in Microsoft IndexServer (buffer overflow, file disclosure)
Buffer overflow and a new variant of Hit Highlighting...
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read source: https://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummond Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as...
QNX RTOS 2.4 - File Disclosure
QNX RTOS 2.4 - File Disclosure source: https://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that th...
QNX RTOS 2.4 - File Disclosure
source: https://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that the FAT partition is mounted to...
PHPSlash 0.5.3 2/0.6.1 - URL Block Arbitrary File Disclosure
PHPSlash 0.5.3 2/0.6.1 - URL Block Arbitrary File Disclosure source: https://www.securityfocus.com/bid/2724/info PHPSlash is a widely used open source Groupware utility. PHPSlash contains a vulnerability which may disclose files readable to the webserver process on the underlying host to PHPSlash...
PHPSlash 0.5.3 2/0.6.1 - URL Block Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/2724/info PHPSlash is a widely used open source Groupware utility. PHPSlash contains a vulnerability which may disclose files readable to the webserver process on the underlying host to PHPSlash users who can 'edit' URL blocks. Exploitation may result in...
Microsoft Internet Explorer 5.5 - File Disclosure
Microsoft Internet Explorer 5.5 - File Disclosure source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function...
Microsoft Internet Explorer 5.5 - File Disclosure
source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function with the known path to an existing file is embedde...
Shareplex 2.1.3.9/2.2.2 Beta - Arbitrary Local File Disclosure
Shareplex 2.1.3.9/2.2.2 Beta - Arbitrary Local File Disclosure source: https://www.securityfocus.com/bid/2535/info Shareplex is a database replication tool from Quest Software. Versions of the product contain a vulnerability which can permit local unprivileged users to read arbitrary files. The...
Shareplex 2.1.3.9/2.2.2 Beta - Arbitrary Local File Disclosure
source: https://www.securityfocus.com/bid/2535/info Shareplex is a database replication tool from Quest Software. Versions of the product contain a vulnerability which can permit local unprivileged users to read arbitrary files. The Qview component of Shareplex allows its user to specify a file...
Apache Tomcat 3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2518/info Apache Tomcat in a Windows NT environment could be led to traverse the normal directory structure and return requested files from outside of the document root. By including '/../' sequences along with specially chosen characters in requested URL...
IkonBoard 2.1.7b - Remote File Disclosure
IkonBoard 2.1.7b - Remote File Disclosure source: https://www.securityfocus.com/bid/2471/info Ikonboard is a Perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file,...