1746 matches found
Kolibri WebServer HTTP GET Request Handling Buffer Overflow
Added: 08/07/2014 CVE: CVE-2014-4158 BID: 68195 OSVDB: 108090 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Kolibri WebServer HTTP GET Request Handling Buffer Overflow
Added: 08/07/2014 CVE: CVE-2014-4158 BID: 68195 OSVDB: 108090 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms
High-Tech Bridge Security Research Lab discovered two vulnerabilities in Forma Lms, which can be exploited to perform Cross-Site Scripting XSS attacks against vulnerable website. 1 Reflected Cross-Site Scripting XSS in Forma Lms: CVE-2014-5257 1.1 The vulnerability exists due to insufficient...
BitDefender Products HTTP Daemon < 5.1.11.432 Directory Traversal Vulnerability - Active Check
BitDefender is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
WordPress Game-Tabs plugin 'n' Parameter Cross Site Scripting Vulnerability
WordPress Game-Tabs Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Invision Power Board 1.x Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13802/info Invision Power Board is affected by an unauthorized access vulnerability. Reportedly, a moderator can edit forum posts owned by other moderators through an HTTP GET request without providing sufficient...
Snowblind Web Server 1.0/1.1 HTTP GET Request Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7619/info Snowblind Web Server has been reported prone to a buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP requests of excessive length. Although unconfirmed, this...
Loom Software SurfNow 1.x/2.x Remote HTTP GET Request Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9519/info A problem has been identified in the handling of specific types of requests by SurfNOW. Upon receiving specially crafted HTTP GET requests, it is possible for a remote attacker to crash a vulnerable...
profitcode software payprocart 3.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13006/info ProfitCode Software PayProCart may allow a remote attacker to carry out directory traversal attacks. It is reported that this issue can be exploited by issuing a specially crafted HTTP GET request and supplying...
ONO Hitron CDE-30364 Router - Denial of Service
No description provided by source. !/usr/bin/python ----------------------------------------------------------------------------------------- Description: ----------------------------------------------------------------------------------------- Hitron Technologies CDE-30364 is a famous ONO Router...
Red Hat Apache 2.0.40 Directory Index Default Configuration Error
No description provided by source. source: http://www.securityfocus.com/bid/8898/info The Red Hat Apache configuration may allow an attacker to view directory listings. The problem is reported to present itself when an attacker issues an HTTP GET request to a vulnerable server containing '//'...
Microsoft IIS 5.0 False Content-Length Field DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3667/info Microsoft IIS 5.0 may be prone to a denial of service condition when sent a specially crafted malformed HTTP GET header. If an IIS 5.0 web server is sent a crafted HTTP GET request which contains a falsified and...
Polycom SoundPoint IP Devices Denial of Service
No description provided by source. Source: http://packetstormsecurity.org/files/view/97948/polycomsoundpoint-dos.txt Hello, Polycom SoundPoint IP devices IP phones are vulnerable to Denial of Service attacks. Sending HTTP GET request with broken Authorization header effect a device restart after ...
IPSwitch IMail 6.x/7.0/7.1 Web Messaging HTTP Get Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5323/info IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. The web messaging server is vulnerable to a buffer...
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
No description provided by source. !/usr/bin/perl Based on - apache-squ1rt.c exploit. Original credit goes to Chintan Trivedi on the FullDisclosure mailing list: http://seclists.org/lists/fulldisclosure/2004/Nov/0022.html More info - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942...
IBM HTTP Server 1.3 AfpaCache/WebSphereNet.Data DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2175/info IBM HTTP Server contains AfpaCache directive which turns the Fast Response Cache Accelerator function on or off. WebSphere is a series of applications which are built upon IBM HTTP Server. Both IBM HTTP Server a...
Proxy-Pro Professional GateKeeper 4.7 Web Proxy Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9716/info Proxy-Pro Professional GateKeeper is prone to a remotely exploitable buffer overrun that may be triggered by passing HTTP GET requests of excessive length through the web proxy component. This could be exploited...
PHP-Charts 1.0 - PHP Code Execution Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Apache JackRabbit 2.0.0 webapp XPath Injection
No description provided by source. Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description:...
Allaire JRun 3 Directory Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1830/info Allaire JRun is a web application development suite with JSP and Java Servlets. Each web application directory contains a WEB-INF directory, this directory contains information on web application classes,...