5648 matches found
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read
Drummond Miles A1Stats 1.0 - a1disp2.cgi Traversal Arbitrary File Read source: https://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as...
QNX RTOS 2.4 - File Disclosure
QNX RTOS 2.4 - File Disclosure source: https://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that th...
QNX RTOS 2.4 - File Disclosure
source: https://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that the FAT partition is mounted to...
PHPSlash 0.5.3 20.6.1 - URL Block Arbitrary File Disclosure
PHPSlash 0.5.3 20.6.1 - URL Block Arbitrary File Disclosure source: https://www.securityfocus.com/bid/2724/info PHPSlash is a widely used open source Groupware utility. PHPSlash contains a vulnerability which may disclose files readable to the webserver process on the underlying host to PHPSlash...
PHPSlash 0.5.3 2/0.6.1 - URL Block Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/2724/info PHPSlash is a widely used open source Groupware utility. PHPSlash contains a vulnerability which may disclose files readable to the webserver process on the underlying host to PHPSlash users who can 'edit' URL blocks. Exploitation may result in...
Microsoft Internet Explorer 5.5 - File Disclosure
Microsoft Internet Explorer 5.5 - File Disclosure source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function...
Microsoft Internet Explorer 5.5 - File Disclosure
source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function with the known path to an existing file is embedde...
Shareplex 2.1.3.92.2.2 Beta - Arbitrary Local File Disclosure
Shareplex 2.1.3.92.2.2 Beta - Arbitrary Local File Disclosure source: https://www.securityfocus.com/bid/2535/info Shareplex is a database replication tool from Quest Software. Versions of the product contain a vulnerability which can permit local unprivileged users to read arbitrary files. The...
Shareplex 2.1.3.9/2.2.2 Beta - Arbitrary Local File Disclosure
source: https://www.securityfocus.com/bid/2535/info Shareplex is a database replication tool from Quest Software. Versions of the product contain a vulnerability which can permit local unprivileged users to read arbitrary files. The Qview component of Shareplex allows its user to specify a file...
Apache Tomcat 3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2518/info Apache Tomcat in a Windows NT environment could be led to traverse the normal directory structure and return requested files from outside of the document root. By including '/../' sequences along with specially chosen characters in requested URL...
IkonBoard 2.1.7b - Remote File Disclosure
IkonBoard 2.1.7b - Remote File Disclosure source: https://www.securityfocus.com/bid/2471/info Ikonboard is a perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file,...
IkonBoard 2.1.7b - Remote File Disclosure
source: https://www.securityfocus.com/bid/2471/info Ikonboard is a perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file, the attacker can defeat the script's inbui...
sendtemp.pl - Read Access to Files
sendtemp.pl - Read Access to Files !/usr/bin/perl -w sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read access to files on the servers file system, as whichever user the httpd is running as. The Vulnerability is really quite...
sendtemp.pl Read Access to Files
Exploit for cgi platform in category web applications ================================ sendtemp.pl Read Access to Files ================================ !/usr/bin/perl -w sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read...
sendtemp.pl - Read Access to Files
!/usr/bin/perl -w sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read access to files on the servers file system, as whichever user the httpd is running as. The Vulnerability is really quite simple.. When the templ argument i...
Michael Lamont Savant HTTP Server 2.1 - Directory Traversal
source: https://www.securityfocus.com/bid/2697/info It is possible for an attacker to traverse the web folders of a Savant HTTP Server. Submitting a URL referring to a known directory or file, and appended with specific unicode characters, will disclose the contents of the requested resource. The...
thinking arts es.one 1.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2385/info It is possible for a remote user to gain read access to directories and files outside the root directory of ES.One. Requesting a specially crafted URL by way of 'store.cgi', composed of '/../' sequences and appended with '%00' will disclose an...
itafrica webactive 1.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2386/info It is possible for a remote user to gain read access to directories and files outside the root directory of ITAfrica WEBactive. Requesting a specially crafted URL composed of '../' sequences will disclose an arbitrary directory...
W3.ORG sendtemp.pl
Follows are details of a vunerability I recently discovered in W3.ORGS sendtemp.pl. Name: sendtemp.pl W3C. Remote: Yes Local: Yes Type: sendtemp.pl: A part of the Amaya Web development server contains a file disclosure vulnerability, which allows remote, read access to files on the servers file...
SilverPlatter WebSPIRS 3.3.1 - File Disclosure
SilverPlatter WebSPIRS 3.3.1 - File Disclosure source: https://www.securityfocus.com/bid/2362/info A remote user could gain read access to known files outside of the root directory where SilverPlatter WebSPIRS resides. Requesting a specially crafted URL composed of '../' sequences along with the...