287 matches found
Zope ZClass Permission Mapping Bug
The remote web server contains an application server that is prone to a privilege escalation flaw. Description : The remote web server uses a version of Zope which is older than version 2.3.3. In such versions, any user can visit a ZClass declaration and change the ZClass permission mappings for...
Mediahouse Statistics Web Server Multiple Vulnerabilities (2001)
Mediahouse Statistics web server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2001 Noam Rathaus SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
LiteServe URL Decoding DoS Vulnerability
The remote web server dies when an URL consisting of a long invalid string of % is sent. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
WebLibs File Disclosure Vulnerability (Dec 2004) - Active Check
WebLibs is prone to a file disclosure vulnerability. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Web Administration Server Detection
We detected the remote web server as an Oracle Administration web server. This web server enables attackers to configure your Oracle Database server if they gain access to a valid authentication username and password. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpt...
thttpd ssi file retrieval
The remote HTTP server allows an attacker to read arbitrary files on the remote web server, by employing a weakness in an included ssi package, by prepending pathnames with %2e%2e/ hex-encoded ../ to the pathname. Example: GET /cgi-bin/ssi//%2e%2e/%2e%2e/etc/passwd will return /etc/passwd...
AOLserver Default Password (HTTP)
The remote web server is running AOL web server AOLserver with the default username and password set. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
phpBB <= 2.0.17 Multiple Vulnerabilities
The remote host is running a version of phpBB that, if using PHP 5 with 'registerglobals' enabled, fails to properly deregister global variables as well as failing to initialize several variables in various scripts. An attacker may be able to exploit these issues to execute arbitrary code or to...
CubeCart < 3.0.4 Multiple Script XSS
The remote version of CubeCart contains several cross-site scripting vulnerabilities due to its failure to properly sanitize user-supplied input of certain variables to the 'index.php' and 'cart.php' scripts. %NASLMINLEVEL 70300 Josh Zlatin-Amishav This script is released under the GNU GPLv2...
Hosting Controller <= 6.1 Hotfix 2.3 Information Disclosure Vulnerabilities
According to its version number, the installation of Hosting Controller on the remote host may allow customers to use PHP scripts to gain access to files outside of their directory, including those belonging to other customers, resellers, or the system itself. %NASLMINLEVEL 70300 C Tenable Networ...
Mail-it Now! Upload2Server Predictable Filename Upload Arbitrary Code Execution
The remote host is running Mail-it Now! Upload2Server, a free, PHP feedback form script supporting file uploads. The version of Upload2Server installed on the remote host stores uploaded files insecurely. An attacker may be able to exploit this flaw to upload a file with arbitrary code and then...
PHP-Fusion < 6.00.108 BBCode Nested URL Tag XSS
According to its version number, the remote host is running a version of PHP-Fusion that reportedly does not sufficiently sanitize input passed in nested 'url' BBcode tags before using it in a post. An attacker may be able to exploit this flaw to cause arbitrary script and HTML code to be execute...
Netquery <= 3.11 nquser.php host Parameter Arbitrary Command Execution
The remote host is running Netquery, a suite of network information utilities written in PHP. The installed version of Netquery lets an attacker execute arbitrary commands within the context of the affected web server user id by passing them through the 'host' parameter of the 'nquser.php' script...
RunCMS <= 1.2 Multiple Vulnerabilities
The version of RunCMS installed on the remote host allows attackers to overwrite arbitrary variables by passing them via a POST method and may also suffer from several SQL injection vulnerabilities resulting in, for example, disclosure of the admin password hash. %NASLMINLEVEL 70300 C Tenable...
Gallery PostNuke Integration Access Validation Privilege Escalation
The remote host is running Gallery, a web-based photo album. According to its banner, the version of Gallery installed on the remote host is subject to an access validation issue when integrated with PostNuke, as is the case on the remote host. The issue means that any user with any level of admi...
Cyberstrong eShop Multiple Script ProductCode Parameter SQL Injection
The remote host is running Cyberstrong eShop, a shopping cart written in ASP. The remote version of this software contains several input validation flaws leading to SQL injection vulnerabilities. An attacker may exploit these flaws to affect database queries, possibly resulting in disclosure of...
Simple Machines Forum msg Parameter SQL Injection Vulnerability
The remote host is running Simple Machines Forum SMF, an open source web forum application written in PHP. The installed version of SMF on the remote host fails to properly sanitize input to the 'msg' parameter before using it in SQL queries. By exploiting this flaw, an attacker can affect databa...
MyServer 0.8 Multiple Vulnerabilities
The remote host is running MyServer, an open source http server. This version is vulnerable to a directory listing flaw and cross-site scripting. An attacker can execute a cross-site scripting attack, or gain knowledge of certain system information of the server. %NASLMINLEVEL 70300 C Tenable...
IMP common-footer.inc Parent Frame Page Title XSS
According to its version, the remote installation of IMP fails to fully sanitize user-supplied input when setting the parent frame's page title by JavaScript in 'templates/common-footer.inc'. By leveraging this flaw, an attacker may be able to inject arbitrary HTML and script code into a user's...
DUPortal/DUPortal Pro Multiple Scripts SQL Injection (1)
The remote host is running DUPortal, a content management system written in ASP. The remote version of this software is vulnerable to several SQL injection vulnerabilities in files 'details.asp', 'search.asp', 'default.asp' , 'cat.asp' and more. With a specially crafted URL, an attacker can explo...