Lucene search
K

3350 matches found

NVD
NVD
added 1999/09/09 4:0 a.m.17 views

CVE-1999-1377

Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the f parameter...

5CVSS6.7AI score0.02083EPSS
Exploits1References1
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.22 views

msie4.x-readfile.txt

Guninski's IE 4 file reading bug. http://www.geocities.com/ResearchTriangle/1711/read3.html There is a bug in Internet Explorer 4.x patched which allows reading local files and sending them to an arbitrary server. The problem is: if you add '%01someURL' after the URL, IE thinks that the document ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.34 views

msie.5.0-0.001.percent.txt

Date: Fri, 9 Apr 1999 07:15:12 +0300 From: Georgi Guninski To: [email protected] Subject: IE 5.0 security vulnerabilities - %01 bug again There is a security bug in Internet Explorer 5.0 which circumvents "Cross-frame security" and opens several security holes. This is a modification of the "%...

Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.33 views

msie4.01-jscript-security.txt

Date: Thu, 28 Jan 1999 04:53:31 PST From: Georgi Guninski To: [email protected] Subject: Javascript %01 bug in Internet Explorer There is a Javascript security bug in Internet Explorer 4.x patched, which circumvents "Cross-frame security" and opens several security holes. The probl...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.53 views

eeye.web.interfaces.txt

Date: Wed, 26 May 1999 06:58:27 -0000 From: Marc To: [email protected] Subject: Multiple Web Interface Security Holes Multiple Web Interface Security Holes Systems Affected CMail 2.3 FTGate 2,1,2,1 NTMail 4.20 Release Date May 26, 1999 Advisory Code AD05261999 Description: The following holes...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.40 views

webcom.cgi.guestbook.txt

Date: Fri, 9 Apr 1999 20:41:39 +0100 From: Mnemonix To: [email protected] Subject: Webcom's CGI Guestbook for Win32 web servers I reported a while back on Webcom's www.webcom.se CGI Guestbook wguest.exe and rguest.exe having a number of security problems where any text based file o...

7.4AI score
Exploits0
NVD
NVD
added 1999/07/21 4:0 a.m.22 views

CVE-1999-1165

GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to 1 gain root privileges via a malicious program in the .fingerrc file, or 2 read arbitrary files via symbolic links from .plan, .forward, or .project files...

7.2CVSS6.4AI score0.00464EPSS
Exploits1References3
NVD
NVD
added 1999/07/19 4:0 a.m.11 views

CVE-1999-1378

dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files...

5CVSS6.7AI score0.01335EPSS
Exploits0References1
NVD
NVD
added 1999/05/26 4:0 a.m.21 views

CVE-1999-0771

The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. dot dot attack...

5CVSS6.7AI score0.06235EPSS
Exploits0References1
NVD
NVD
added 1999/05/07 4:0 a.m.25 views

CVE-1999-0736

The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files...

5CVSS6.7AI score0.44845EPSS
Exploits0References2
NVD
NVD
added 1999/05/01 4:0 a.m.29 views

CVE-1999-0487

The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files...

2.6CVSS6.7AI score0.13291EPSS
Exploits0References1
NVD
NVD
added 1999/05/01 4:0 a.m.17 views

CVE-2000-0412

The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file...

7.5CVSS6.7AI score0.02748EPSS
Exploits0References4
NVD
NVD
added 1999/03/01 5:0 a.m.20 views

CVE-1999-0386

Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL...

5CVSS6.4AI score0.19101EPSS
Exploits0References2
exploitpack
exploitpack
added 1999/02/22 12:0 a.m.28 views

Qbik WinGate Standard 3.0.5 - Log Service Directory Traversal

Qbik WinGate Standard 3.0.5 - Log Service Directory Traversal source: https://www.securityfocus.com/bid/507/info The WinGate log service is configured by default to only allow connections from 127.0.0.1, but can be set to allow connections from anywhere. Either way, there is a vulnerability that...

0.4AI score
Exploits0
NVD
NVD
added 1999/02/11 5:0 a.m.18 views

CVE-1999-1375

FileSystemObject FSO in the showfile.asp Active Server Page ASP allows remote attackers to read arbitrary files by specifying the name in the file parameter...

5CVSS6.7AI score0.30548EPSS
Exploits1References2
NVD
NVD
added 1999/01/26 5:0 a.m.14 views

CVE-1999-0347

Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character...

10CVSS6.3AI score0.07463EPSS
Exploits0References2
exploitpack
exploitpack
added 1998/12/15 12:0 a.m.22 views

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter source: https://www.securityfocus.com/bid/2020/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to read files ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 1998/12/15 12:0 a.m.38 views

Greg Matthews - 'Classifieds.cgi' 1.0 MetaCharacter

source: https://www.securityfocus.com/bid/2020/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to read files on the host machine, with the privileges of the we...

7.4AI score
Exploits0
NVD
NVD
added 1998/07/07 4:0 a.m.8 views

CVE-1999-1437

ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml...

7.5CVSS0.02718EPSS
Exploits0References3
NVD
NVD
added 1998/01/27 5:0 a.m.8 views

CVE-1999-0264

htmlscript CGI program allows remote read access to files...

5CVSS0.05853EPSS
Exploits0References1
Rows per page
Query Builder