SWSoft ASPSeek 1.0 - s.cgi Remote Buffer Overflow

SWSoft ASPSeek 1.0 - s.cgi Remote Buffer Overflow source: https://www.securityfocus.com/bid/2492/info A buffer overflow in ASPSeek versions 1.0.0 through to 1.0.3 allows for arbitrary code execution with the privileges of the web server. The vulnerable script is s.cgi and the buffer overflow can ...

Bajie WebServer 0.780.90 - Remote Command Execution

Bajie WebServer 0.780.90 - Remote Command Execution source: https://www.securityfocus.com/bid/2388/info It is possible to execute arbitrary commands on a host running Bajie Webserver. A remote user can use Bajie's built-in upload feature to place malicious scripts on Bajie webservers. These...

Bajie WebServer 0.78/0.90 - Remote Command Execution

source: https://www.securityfocus.com/bid/2388/info It is possible to execute arbitrary commands on a host running Bajie Webserver. A remote user can use Bajie's built-in upload feature to place malicious scripts on Bajie webservers. These uploaded scripts are placed in known destination...

CVE-2000-1112

Technical details about CVE-2000-1112 are not publicly available in the provided connected documents. The record describes Windows Media Player 7 skin-script execution, but no specifics on affected versions, root cause, exploit method, or fixes are included. Monitor for updates.

CVE-2000-1112

Microsoft Windows Media Player 7 executes scripts in custom skin .WMS files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability...

PHP Security Advisory - Apache Module bugs

Problems ========= 1 PHP supports a configuration mechanism that allows users to configure PHP directives on a per-directory basis. Under Apache, this is usually done using .htaccess files. Due to a bug in the Apache module version of PHP, remote 'malicious users' might be able to create a specia...

Дырка в TWIG webmail

Используя ошибку в проверке агрументов можно загрузить и выполнить собственный php3-скрипт...

Дырка в mh (rcvtty) под BSDi

rcvtty позволяет выполнение скрипта...

Security Bulletin (MS00-090)

Microsoft Security Bulletin MS00-090 - -------------------------------------- Patch Available for ".ASX Buffer Overrun" and ".WMS Script Execution" Vulnerabilities Originally posted: November 22, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities in...

/sbin/restore exploit (rh6.2)

Exploit for linux platform in category local exploits ============================= /sbin/restore exploit rh6.2 ============================= !/bin/sh /sbin/restore exploit for rh6.2 I did not find this weakness my self, all i did was writing this script and some more to make it automatic and eas...

Уявзвимость в IIS при обработке HTW (.htw URL script)

При обращении к .htw файлам URL может содержать скрипт. При выдаче дагностического сообщения URL не будет комментироваться, что позволяет выполнить скрипт в контексте сервера...

CVE-1999-0942

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes...

Заткнуты дырки в IE (Scriptlet Rendering, IE Script)

Несколько дырок позволявших выполнять скрипты в контексте локальной машины и обращаться к локальным файлам...

Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass

Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass source: https://www.securityfocus.com/bid/954/info Firewall-1 includes the ability to alter script tags in HTML pages before passing them to the client's browser. This alteration invalidates the tag, rendering the script unexecutabl...

CVE-1999-0488

Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability...

CVE-1999-0268

MetaInfo MetaWeb web server allows users to upload, execute, and read scripts...