Lucene search
K

187 matches found

Exploit DB
Exploit DB
added 2003/06/02 12:0 a.m.27 views

Webchat 2.0 Module - Full Path Disclosure

source: https://www.securityfocus.com/bid/7774/info Webchat has been reported prone to a path disclosure weakness. Reportedly an attacker may make a malicious HTTP request for several Webchat PHP scripts to trigger the condition. Under some circumstances the request will trigger an exception,...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/05/28 12:0 a.m.109 views

Re: VP-ASP shopping cart software.

Hi, A small thing the original advisory author has not mentioned is that SQL injection is also possible allowing you to enter the administrative page with actually knowing the used administrator username and password, example: Username: 'or''=' i.e. enter just: 'or''=' Password: 'or''=' i.e. ente...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/01/25 12:0 a.m.242 views

FastCGI Multiple Sample CGI XSS

Two sample CGI's supplied with FastCGI are vulnerable to cross-site scripting attacks. FastCGI is an 'open extension to CGI that provides high performance without the limitations of server specific APIs', and is included in the default installation of the 'Unbreakable' Oracle9i Application Server...

5.5AI score
Exploits0
NVD
NVD
added 2001/11/22 5:0 a.m.21 views

CVE-2001-0917

Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension...

5CVSS6.2AI score0.08176EPSS
Exploits0References6
Cvelist
Cvelist
added 2001/04/04 4:0 a.m.20 views

CVE-2001-0303

tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file...

6.3AI score0.01464EPSS
Exploits1References2
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.6 views

CVE-2025-64500: Incorrect parsing of PATH_INFO can lead to limited authorization bypass

More info at https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass...

7.3CVSS6.6AI score0.01344EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.7 views

CVE-2025-64500: Incorrect parsing of PATH_INFO can lead to limited authorization bypass

More info at https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass...

7.3CVSS6.6AI score0.01344EPSS
Exploits0Affected Software1
Rows per page
Query Builder