903 matches found
CVE-2004-2221
CVE-2004-2221 describes a buffer overflow in the SoftCart.exe CGI of Mercantec SoftCart 4.00b. The vulnerability allows remote attackers to execute arbitrary code by sending a long parameter in an HTTP GET request. Public references show Metasploit and Exploit-DB demonstrations of an exploit for ...
CVE-2004-2224
Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1...
EUVD-2002-1883
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2002-1907
TelCondex SimpleWebServer 2.06.20817 is reported affected. A remote attacker can cause a denial-of-service (crash) by sending a long HTTP GET request, per CVE-2002-1907. The CVSS data indicates network access, low attack complexity, no authentication, and a partial availability impact (base score...
CVE-2002-1951
CVE-2002-1951 describes a buffer overflow in GoAhead WebServer 2.1. An attacker can trigger the overflow by sending a long HTTP GET request with a large number of subdirectories, potentially enabling remote code execution. The available documents do not provide specific details on the vulnerable...
CVE-2002-1905
CVE-2002-1905 describes a buffer overflow in the Polycom ViaVideo web server (versions 2.2 and 3.0) that can be triggered by a long HTTP GET request, leading to remote denial of service (crash). Affected software: Polycom ViaVideo web server (2.2, 3.0). Root cause: improper handling of long HTTP ...
CVE-2002-1816
Off-by-one buffer overflow in the sockgets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2002-1828
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value...
CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories...
CVE-2002-1941
Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set...
CVE-2002-1907
TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request...
CVE-2005-1909
The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability...
CVE-2005-1909
The CVE-2005-1909 entry concerns the 602LAN SUITE 2004 web server control panel where remote attackers can disrupt administrator log readability by sending a GET request containing a
MiniShare Webserver HTTP GET Request Remote Overflow
MiniShare 1.4.1 and prior versions are affected by a buffer overflow flaw. A remote attacker could execute arbitrary commands by sending a specially crafted file name in the GET request. Version 1.3.4 and below do not seem to be vulnerable. Written by Gareth Phillips - SensePost PTY ltd...
Invision Power Board 1.x - Unauthorized Access
Invision Power Board 1.x - Unauthorized Access source: https://www.securityfocus.com/bid/13802/info Invision Power Board is affected by an unauthorized access vulnerability. Reportedly, a moderator can edit forum posts owned by other moderators through an HTTP GET request without providing...
CVE-2004-2071
CVE-2004-2071 affects Macallan Mail Solution 2.8.4.6 (Build 260) and possibly earlier versions. The vulnerability allows an attacker to bypass authentication in the web interface by issuing an HTTP GET request containing two slashes (//) after the server name. The affected component is the web in...
CVE-2005-1667
DataTrac Activity Console 1.1 is affected by CVE-2005-1667, where a remote attacker can cause a denial of service by sending a long HTTP GET request. The connected documents confirm the affected product/version and the impact (DoS), but do not provide any remediation details or exploitation speci...
CVE-2005-1667
DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request...