643 matches found

NVD
added 2001/10/02 4:0 a.m., 11 views

CVE-2001-1234

Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable...

CVSS 7.5 | AI score 7.8 | EPSS 0.03889
Exploits: 1 | References: 5

NVD
added 2001/10/02 4:0 a.m., 12 views

CVE-2001-1296

More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...

CVSS 5 | AI score 6.9 | EPSS 0.00584
Exploits: 0 | References: 4

securityvulns
added 2001/09/17 12:0 a.m., 39 views

advisory

------------ advisory ------------ name: eshop Online-Shop System author: WEBDISCOUNT, Inh. Michael Boehme Problem: Script doesn't check for symbol ";". Any user can execute any nix commands on webserver. exploit: host/cgi-bin/eshop.pl?seite=;ls| ex...

AI score 7.6
Exploits: 0

CERT
added 2001/09/14 12:0 a.m., 23 views

Beck GmbH IPC@Chip does not adequately validate user input thereby disclosing sensitive network data via crafted URL

Overview: An insecure default configuration in the Beck IPC@CHIP allows an intruder to obtain privileged system information. Description: The Beck IPC@CHIP is a single chip embedded webserver. The Beck IPC@CHIP ships with a cgi script named "ChipCfg". Using a specially crafted URL, an attacker can...

CVSS 5 | AI score 5.8 | EPSS 0.02484
Exploits: 4 | References: 2

CVE
added 2001/09/12 4:0 a.m., 42 views

CVE-1999-1536

The CVE-1999-1536 entry concerns AcuShop Salesbuilder where the .sbstart startup script is world-writable. This allows local users to escalate privileges by appending commands to the file, leading to complete compromise of confidentiality, integrity, and availability for affected contexts per the...

CVSS 7.2 | AI score 7.1 | EPSS 0.0005
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2001/09/12 4:0 a.m., 11 views

CVE-1999-1155

LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...

AI score 7.7 | EPSS 0.02795
Exploits: 1 | References: 3

CVE
added 2001/09/12 4:0 a.m., 36 views

CVE-1999-1345

CVE-1999-1345 affects the Auto_FTP 0.2 setup where the Auto_FTP.pl script uses the /tmp/ftp_tmp directory as a shared area with insecure permissions. This misconfiguration allows local users to: (1) place arbitrary files into the shared directory to be sent to the remote server, and (2) view file...

CVSS 4.6 | AI score 6.9 | EPSS 0.00055
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2001/09/12 4:0 a.m., 47 views

CVE-1999-1560

CVE-1999-1560 describes a local privilege escalation in TAMU Tiger where a vulnerability in a script allows local users to execute arbitrary commands as the Tiger user (usually root). The affected component is a script within TAMU Tiger; the underlying cause is not explicitly detailed in the prov...

CVSS 7.2 | AI score 7.5 | EPSS 0.00055
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2001/09/12 4:0 a.m., 39 views

CVE-1999-1179

CVE-1999-1179 describes a vulnerability in the included man.sh CGI script from SysAdmin Magazine (May 1998) that allows remote attackers to execute arbitrary commands. The NVD notes a CVSSv2 base score of 7.5 (HIGH) with AV:N/AC:L/Au:N/C:P/I:P/A:P. The entry lists no exploitation status and provi...

CVSS 7.5 | AI score 8.2 | EPSS 0.0083
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2001/08/13 12:0 a.m., 107 views

NetCode NC Book book.cgi current Parameter Arbitrary Command Execution

The CGI 'book.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon...

CVSS 7.5 | AI score 5.5 | EPSS 0.0286
Exploits: 1 | References: 1

CVE
added 2001/05/07 4:0 a.m., 44 views

CVE-2001-0100

The CVE-2001-0100 entry concerns the bslist.cgi mailing list script. The vulnerability arises when an attacker supplies shell metacharacters in the email address, allowing remote execution of arbitrary commands. The description indicates a remote, unauthenticated impact affecting the bslist.cgi c...

CVSS 10 | AI score 7.6 | EPSS 0.09375
Exploits: 1 | References: 3 | Affected Software: 1

Exploit DB
added 2001/03/31 12:0 a.m., 26 views

Microsoft Internet Explorer 5.5 - File Disclosure

source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function with the known path to an existing file is embedde...

AI score 7
Exploits: 0

Tenable Nessus
added 2001/03/25 12:0 a.m., 95 views

Thinking Arts ES.One store.cgi StartID Parameter Traversal Arbitrary File Access

The 'store.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or nobody)...

CVSS 5 | AI score 5.4 | EPSS 0.02672
Exploits: 1 | References: 2

securityvulns
added 2001/02/20 12:0 a.m., 230 views

CGI - mailnews.cgi vulnerability...

Hello BuGReaders... Script: mailnews.cgi Introduction: cat from source CGI-Script MAILNEWS 1.3 This script helps you to maintain a mailinglist. /cat Tested Version: 1.1, 1.3 Author doesn't parse some characters and he uses very stupid "password protection". We can add or delete users from maillist...

AI score 7.5
Exploits: 0

CERT
added 2001/01/28 12:0 a.m., 35 views

phf CGI Script fails to guard against newline characters

Overview: This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. Description: The phf CGI script constructs a partial command line consisting of the ph command and appropriate arguments, and completes the command line based on the input fro...

CVSS 10 | AI score 6.8 | EPSS 0.85831
Exploits: 0 | References: 4

Cvelist
added 2001/01/22 5:0 a.m., 16 views

CVE-2000-0878

The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field...

AI score 7.5 | EPSS 0.01221
Exploits: 0 | References: 3

Cvelist
added 2001/01/22 5:0 a.m., 18 views

CVE-2000-1132

DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable...

AI score 6.7 | EPSS 0.08226
Exploits: 1 | References: 5

Cvelist
added 2001/01/22 5:0 a.m., 19 views

CVE-2000-0868

The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/...

AI score 6.8 | EPSS 0.08808
Exploits: 0 | References: 4

NVD
added 2001/01/09 5:0 a.m., 19 views

CVE-2000-1132

DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable...

CVSS 6.4 | AI score 6.7 | EPSS 0.08226
Exploits: 1 | References: 5

Tenable Nessus
added 2001/01/08 12:0 a.m., 27 views

Informix webdriver CGI Unauthenticated Database Access

The remote host may be running Informix Webdriver, a web-to-database interface. If not configured properly, this CGI script may give an unauthenticated attacker the ability to modify and even delete databases on the remote host. Nessus relied solely on the presence of this CGI; it did not try to...

AI score 5.6
Exploits: 0 | References: 2