Lucene search

903 matches found

UbuntuCve
added 2011/05/09 12:0 a.m., 36 views

CVE-2011-1015

The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI...

CVSS 5, AI score 7.2, EPSS 0.03924
Exploits 1, References 4

OpenVAS
added 2011/03/03 12:0 a.m., 21 views

PhotoPost PHP <= 4.8c Multiple XSS Vulnerabilities - Active Check

PhotoPost PHP is prone to multiple cross-site scripting (XSS) vulnerabilities because it fails to properly sanitize user-supplied input. Copyright (C) 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

CVSS 4.3, AI score 6.3, EPSS 0.01812
Exploits 3, References 2

Packet Storm
added 2011/01/27 12:0 a.m., 26 views

Polycom SoundPoint IP Devices Denial Of Service

Hello, Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after 60 seconds. It was tested on: SoundPoint IP 335 Version: 3.2.4.1734 SoundPoint IP 430 Version: 3.2.3.1734 SoundPoint ...

AI score 0.5
Exploits 0

OpenVAS
added 2011/01/25 12:0 a.m., 12 views

web@all <= 1.1 XSS Vulnerability - Active Check

web@all is prone to a cross-site scripting (XSS) vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

AI score 6.2
Exploits 0, References 1

OpenVAS
added 2010/12/01 12:0 a.m., 38 views

Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check

Pandora FMS is prone to an authentication bypass vulnerability as well as the following input-validation vulnerabilities: - A command-injection vulnerability - Multiple SQL injection (SQLi) vulnerabilities - A remote file include (RFI) vulnerability - An arbitrary PHP code execution vulnerability -...

AI score 8.2
Exploits 0, References 3

Metasploit
added 2010/07/27 2:25 a.m., 14 views

EasyFTP Server list.html path Stack Buffer Overflow

This module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing the 'path' parameter supplied to an HTTP GET request, which leads to a stack based buffer overflow. EasyFTP allows anonymous access by default; valid credentia...

AI score 7.5
Exploits 0

Packet Storm
added 2010/07/27 12:0 a.m., 20 views

EasyFTP Server <= 1.7.0.11 list.html path Stack Buffer Overflow

$Id: easyftplist.rb 9936 2010-07-27 03:14:46Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

AI score 0.8
Exploits 0

htbridge
added 2010/07/27 12:0 a.m., 29 views

SQL Injection Vulnerability in SyntaxCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SyntaxCMS which could be exploited to execute arbitrary SQL commands in applications database. 1 SQL injection vulnerability in SyntaxCMS An input validation error exists in the "rowsperpage" parameter in...

CVSS 7.5, AI score 8.6
Exploits 0, Affected Software 1

NVD
added 2010/05/27 10:30 p.m., 11 views

CVE-2010-2102

Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request...

CVSS 10, AI score 7.9, EPSS 0.06621
Exploits 1, References 4

Prion
added 2010/05/27 10:30 p.m., 12 views

Buffer overflow

Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request...

CVSS 10, AI score 8.5, EPSS 0.06621
Exploits 1, References 4, Affected Software 1

Cvelist
added 2010/05/27 10:0 p.m., 17 views

CVE-2010-2102

Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request...

AI score 7.9, EPSS 0.06621
Exploits 1, References 4

CVE
added 2010/05/27 10:0 p.m., 42 views

CVE-2010-2102

CVE-2010-2102 describes a buffer overflow in Webby Webserver 1.01 triggered by a long HTTP GET request, enabling remote execution of arbitrary code. This is documented across multiple sources (NVD, CVE list) with a high impact score. The connected documents confirm the affected product/version an...

CVSS 10, AI score 8.1, EPSS 0.06621
Exploits 1, References 4, Affected Software 1

OpenVAS
added 2010/01/13 12:0 a.m., 16 views

JpGraph <= 3.0.6 Multiple XSS Vulnerabilities

JpGraph is prone to multiple cross-site scripting (XSS) vulnerabilities. Copyright (C) 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVSS 4.3, AI score 6, EPSS 0.01089
Exploits 0, References 1

Packet Storm
added 2009/10/30 12:0 a.m., 31 views

Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Proxy-Pro...

CVSS 10, AI score 0.9, EPSS 0.62809
Exploits 4

Prion
added 2009/10/22 5:30 p.m., 12 views

Code injection

The Web Administrator service (STEMWADM.EXE) in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service (crash) by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a...

CVSS 5, AI score 7.2, EPSS 0.07641
Exploits 1, References 7, Affected Software 2

Cvelist
added 2009/10/22 5:0 p.m., 16 views

CVE-2009-3749

The Web Administrator service (STEMWADM.EXE) in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service (crash) by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a...

AI score 6.6, EPSS 0.07641
Exploits 1, References 7

NVD
added 2009/10/16 4:30 p.m., 33 views

CVE-2009-3711

Stack-based buffer overflow in the h_handlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request...

CVSS 10, AI score 8.1, EPSS 0.63909
Exploits 3, References 8

Prion
added 2009/10/16 4:30 p.m., 14 views

Stack overflow

Stack-based buffer overflow in the h_handlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request...

CVSS 10, AI score 8.8, EPSS 0.63909
Exploits 3, References 8, Affected Software 1

OpenVAS
added 2009/07/15 12:0 a.m., 16 views

DM FileManager <= 3.9.4 RFI Vulnerability - Active Check

DM FileManager is prone to a remote file inclusion RFI vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.8, AI score 6.7, EPSS 0.01689
Exploits 0, References 3

OpenVAS
added 2009/06/26 12:0 a.m., 16 views

OCS Inventory NG < 1.02.1 Information Disclosure Vulnerability - Active Check

OCS Inventory NG is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 5, AI score 5.8, EPSS 0.03195
Exploits 1, References 2