Lucene search
K

873 matches found

securityvulns
securityvulns
added 2002/04/03 12:0 a.m.38 views

Partial access to local files via CSS in Internet Explorer

Via .oFile.cssText property of Link object it's possible to get partial content of any file with structure close to CSS...

3.2AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2002/02/03 12:0 a.m.16 views

PHP 4.x5.x MySQL Library - Safe_mode Filesystem Circumvention (2)

PHP 4.x5.x MySQL Library - Safemode Filesystem Circumvention 2...

Exploits0
NVD
NVD
added 2001/11/13 5:0 a.m.13 views

CVE-2001-0892

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root such as .htpasswd via a GET request with a trailing /...

5CVSS6.5AI score0.01859EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/09/08 12:0 a.m.37 views

sglMerchant Version 1.0

sglMerchant Version 1.0 by SeaGlass Technologies, Inc have the old bug ExploiT: www.server.com/cgi-shop/viewitem? HTMLFILE=../../../../../../etc/passwd00&KEY=1900- 0999 XP- TEAM DonHuan [email protected]...

3.2AI score
Exploits0
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.18 views

CVE-2001-0480

Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... modified dot dot in the 1 GET or 2 CD commands...

6.7AI score0.01754EPSS
Exploits0References2
CVE
CVE
added 2001/01/22 5:0 a.m.36 views

CVE-2000-0912

The CVE-2000-0912 entry concerns the MultiHTML CGI script (multihtml.pl). Affected component: the multihtml.pl CGI. The underlying issue is a traversal/file-access vulnerability where the attacker can specify the file name via the multi parameter, enabling reading of arbitrary files on the remote...

5CVSS7.5AI score0.0364EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2000/09/12 12:0 a.m.75 views

Unsafe passing of variables to mailform.pl in MailForm V2.0

Title: Unsafe passing of variables to mailform.pl in MailForm V2.0 For Unix or NT Advisory Author: Karl Hanmore [email protected] Script URL: http://rlaj.com/scripts/mailform Script Author: Ranson Johnson Advisory Released: 11 September 2000 Vendor notified: [email protected] 05 Sept...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2000/07/24 12:0 a.m.35 views

Roxen security alert: Problems with URLs containing null characters.

Roxen 2.0 up to version 2.0.68 has a vulnerability where using URLs containing null characters can gain the browser access to information he is not authorized to: Directory listings in directories with index files In normal filesystems: the sourcecode for RXML files, Pike scripts, CGIs etc...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2000/07/15 12:0 a.m.26 views

IE 5.5 and 5.01 vulnerability - reading at least local and from any host text and parsed html files

Georgi Guninski security advisory 16, 2000 IE 5.5 and 5.01 vulnerability - reading at least local and from any host text and parsed html files Systems affected: IE 5.5, 5.01 / Win98 - probably other versions, have not tested Risk: Medium Disclaimer: The opinions expressed in this advisory and...

6.6AI score
Exploits0
Cvelist
Cvelist
added 2000/07/12 4:0 a.m.27 views

CVE-2000-0465

Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability...

6.5AI score0.20439EPSS
Exploits0References4
exploitpack
exploitpack
added 1999/05/25 12:0 a.m.43 views

Compaq Client Management Agents 3.704.0 Insight Management Agents 4.21 A4.22 A4.30 A Intelligent Cluster Administrator 1.0 Management Agents for Workstations 4.20 A Server Management Agents 4.23 Survey Utility 2.0 - Web File Access

Compaq Client Management Agents 3.704.0 Insight Management Agents 4.21 A4.22 A4.30 A Intelligent Cluster Administrator 1.0 Management Agents for Workstations 4.20 A Server Management Agents 4.23 Survey Utility 2.0 - Web File Access source: https://www.securityfocus.com/bid/282/info A vulnerabilit...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 1999/04/22 12:0 a.m.26 views

Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access

source: https://www.securityfocus.com/bid/116/info Vulnerabilities in an ActiveX control distributed with Internet Explorer 5 and available for Internet Explorer 4 allow malicous web sites to steal local files and to bypass cross-frame security rules. The DHTML Edit Control Safe for Scripting...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.9 views

Security Update, February 13, 2002 (MSXML 2.6)

This update resolves the "XMLHTTP Control Can Allow Access to Local Files" security vulnerability in Microsoft XML MSXML 2.6 and Windows XP, and is discussed in Microsoft Security Bulletin MS02-008. Download now to help prevent a malicious user from reading the files on your computer when you vis...

7.2AI score
Exploits0
Rows per page
Query Builder