3351 matches found
CVE-2001-0321
opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter...
CVE-1999-1488
sdrd daemon in IBM SP2 System Data Repository SDR allows remote attackers to read files without authentication...
CVE-1999-1550
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter...
CVE-1999-1456
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / slash character in the filename...
CVE-2000-1196
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter...
CVE-2000-0180
Sojourn search engine allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-2001-0461
template.cgi in Free On-Line Dictionary of Computing FOLDOC allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi...
CVE-2000-0457
Summary: CVE-2000-0457 affects Microsoft IIS 4.0/5.0 via ISM.DLL, enabling remote disclosure of file contents by requesting a file and appending spaces and ".HTR" (the File Fragment Reading vulnerability). Affected component: ISM.DLL in IIS 4.0/5.0 handling .HTR requests. Impact: partial confiden...
CVE-1999-1117
CVE-1999-1117 affects IBM AIX 4.1 and 4.2 where the lquerypv component can be exploited locally to read arbitrary files by supplying a file path in the -h argument. The underlying issue is a local access vulnerability impacting confidentiality (per CVSS: Partial). No explicit exploit code, workar...
CVE-2001-1042
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk link file that points to the target file...
CVE-2001-1042
Transsoft Broker 5.9.5.0 is vulnerable: an attacker can upload a .lnk file that points to a target file, enabling remote reading of arbitrary files and directories. Root cause: mis-handling of .lnk file uploads allows access to target paths. Impact: read access to arbitrary files/directories on t...
CVE-2001-1045
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. dot dot in the requestidDUMMY parameter...
CVE-1999-1081
Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files...
Faqmanager.cgi file read vulnerability
Description from official page: FAQmanager is one simple perl script that allow you to easily set up and maintain a FAQ Frequently Asked Questions. Vulnerability: Faqmanager can be used to read files on the server the httpd has access to. Example: faqmanager.cgi?toc=/etc/passwd00 will show the...
zml.cgi.txt
-----BEGIN PGP SIGNED MESSAGE----- --blackshell security advisory no2-- --zml.cgi remote exploit-- vendor details & history zml.cgi for webservers by jero.cc http://www.jero.cc/zml/zml.html details of exploit this is a classic CGI bug which uses ../../../../ to read remote files. example:...
CVE-2001-1204
Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the page parameter...
CVE-2001-0874
Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability...
CVE-2001-1247
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the errorlog function to access the files...
CVE-2001-0804
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. dot dot attack on the "next" parameter...
CVE-2001-0807
The provided records indicate CVE-2001-0807 affects Internet Explorer 5.0 (and possibly other versions). The vulnerability allows a remote attacker from a malicious web page to read known text files from a client’s hard drive by using a SCRIPT tag with a SRC attribute that points to the local tex...