1746 matches found
CVE-2005-1667
DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request...
CVE-2004-1991
CVE-2004-1991 affects Aldo’s Web Server (aweb) 1.5. The vulnerability is a directory traversal in an HTTP GET request that allows an attacker to view arbitrary files by supplying an improper path using .. (dot dot). The NVD metrics indicate a NETWORK attack vector with low complexity and no authen...
CVE-2004-1784
Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2004-1973
DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters...
CVE-2004-1991
Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. (dot dot) in an HTTP GET request...
CVE-2004-2033
Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request...
Ashleys Web Server - Denial of Service
Ashleys Web Server - Denial of Service include include include pragma commentlib, "ws232.lib" char doscore = "GET HTTP/1.0 " "\x3f\x3f\x3f\x3f\x3f\x2e\x48\x54\x4d\x4c\x3f\x74\x65\x73\x74\x76" "\x61\x72\x69\x61\x62\x6c\x65\x3d\x26\x6e\x65\x78\x74\x74\x65\x73"...
CVE-2005-0684
CVE-2005-0684 affects the MySQL MaxDB Webtool/WebTools in MaxDB before version 7.5.00.26. The vulnerability is a stack buffer overflow caused by improper handling of long HTTP GET requests containing a percent sign or long Lock-Token strings in WebDAV handling (WDVHandler_CommonUtils.c), allowing...
CVE-2001-1465
CVE-2001-1465 affects SurfControl SuperScout. The issue is in the packet-filtering logic that only filters packets containing both an HTTP GET request and a Host header; an attacker can bypass filtering by fragmenting traffic so that no single packet contains both elements. This is a local-access...
CVE-2000-1223
CVE-2000-1223 affects Quikstore Shopping Cart: quikstore.cgi is vulnerable to remote command execution via shell metacharacters in the URL portion of an HTTP GET request. The issue enables arbitrary commands to be executed on the server. Connected sources (Red Hat advisory, CVE records, and NVD) ...
sonicwallXSS.txt
SonicWALL SOHO/10 - XSS and Code Injection vulnerability. Product: SonicWall SOHO/10 is the 2nd generation Internet Security Appliance from Sonicwall, with firewall, VPN, content filtering and other capabilities. Vulnerability:...
CVE-2005-1122
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error")...
ProfitCode Software PayProCart 3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/13006/info ProfitCode Software PayProCart may allow a remote attacker to carry out directory traversal attacks. It is reported that this issue can be exploited by issuing a specially crafted HTTP GET request and supplying directory traversal sequences...
Logics Software LOG-FT - Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/12998/info LOG-FT is reported prone to an arbitrary file disclosure vulnerability. This issue results from an access validation error and can allow a remote attacker to disclose sensitive data. It is reported that an attacker can simply issue a specially...
CVE-2002-1643
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments...
Newsscript - Access Validation
source: https://www.securityfocus.com/bid/12761/info NewsScript is reported prone to an access validation vulnerability. This issue may allow an unauthorized attacker to add, modify and delete messages. It is reported that an attacker can exploit this issue by issuing a specially crafted HTTP GET...
Computalynx CProxy 3.3/3.4.x - Directory Traversal
source: https://www.securityfocus.com/bid/12722/info CProxy is reported prone to a remote directory traversal vulnerability. This issue arises due to insufficient sanitization of user-supplied data. A remote user may exploit this issue to disclose arbitrary files and carry out a denial of service...