1764 matches found
Xonic.ru News 1.0 - 'script.php' Remote Command Execution
source: https://www.securityfocus.com/bid/7365/info A vulnerability has been reported for Xonic.ru News. The problem occurs due to insufficient sanitization of user-supplied data to the 'script.php' file. As a result, it may be possible for an attacker to pass malicious PHP or shell commands in...
Xonic.ru News 1.0 - script.php Remote Command Execution
source: https://www.securityfocus.com/bid/7365/info A vulnerability has been reported for Xonic.ru News. The problem occurs due to insufficient sanitization of user-supplied data to the 'script.php' file. As a result, it may be possible for ...
Security Update: [CSSA-2003-SCO.3] UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : ftp vulnerability with pipe symbols in filenames
To: [email protected] [email protected] [email protected] [email protected] SCO Security Advisory Subject: UnixWare 7.1.1 Open UNIX 8.0.0 UnixWare 7.1.3 : ftp vulnerability with pipe symbols in filenames Advisory number: CSSA-2003-SCO.3 Issue date: 2003 March...
DotBr 0.1 - 'System.php3' Remote Command Execution
source: https://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the...
DotBr 0.1 - 'Exec.php3' Remote Command Execution
source: https://www.securityfocus.com/bid/6867/info The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the...
ASA-0000: GV Execution of Arbitrary Shell Commands
"After" Security Advisory Title: GV Execution of Arbitrary Shell Commands Affects: gv-3.5.8 and probably older versions Advisory ID: ASA-0000 Release Date: 2002-10-01 Author: Marc Bevand bevandm at epita.fr URL: http://www.epita.fr/bevandm/asa/asa-0000 --oOo-- 0. Table of Contents 0. Table of...
Code execution in Win32 Apache via .bat files
If server uses .bat files as CGI it's possible to execute any shell commands by using pipes...
Shell commands in Network Query Tool (code execution)
Unfiltered shell characters when calling an external program...
Security hole in kicq
Hi all, there is some security related problem with kicq. The authors were contacted and provided with a suggestion for a patch which should be available soon. I did not find anything on the archive on this, so here we go. kicq is a free icq client clone available at http://kicq.sourceforge.net/...
CVE-2001-0023
CVE-2001-0023 affects the everythingform.cgi CGI program by Leif Wright. It allows a remote attacker to execute arbitrary commands via shell metacharacters in the config parameter. The available documents do not specify affected versions, root cause details beyond this description, or any provide...
Brian Stanback bsguest.cgi 1.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/2159/info An input validation vulnerability exists in Brian Stanback's bsguest.cgi, a script designed to coordinate guestbook submissions from website visitors. The script fails to properly filter ';' characters from the user-supplied email address...
Brian Stanback bslist.cgi 1.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/2160/info An input validation vulnerability exists in Brian Stanback's bslist.cgi, a script designed to coordinate mailing lists. The script fails to properly filter ';' characters from the user-supplied email addresses collected by the script. As a resul...
Leif M. Wright simplestguest.cgi 2.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/2106/info A vulnerability exists in Leif M. Wright's simplestguest.cgi, a script designed to coordinate guestbook submissions from website visitors. An insecure call to the open function leads...
Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2101/info An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool. The script fails to properly filter shell commands from user-supplied input to the 'config' field. As a result, the script can be made to...
Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/2102/info A vulnerability exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate email responses from web forms. An insecurely-structured call to the open function leads t...
Hole in mailman
Insufficient checking of user input for shell characters allows list administrators to execute commands on the server...
Re: possible bug in rcp...
On Wed, Nov 22, 2000 at 09:11:20AM +1100, Andrew Griffiths wrote: Here is a possible bug in rcp; since I think it calls system. I haven't had much time to play with this, because exams are coming up. It is negated because system calls /bin/cp which with the newer versions of bash, it drops its...
Debian 2.x RedHat 6.2 IRIX 56 Solaris 2.x - Mail Reply-To Field
source: https://www.securityfocus.com/bid/1910/info mail is a simple console e-mail client. A vulnerability exists in several vendors' distributions of this program. An attacker can compose an email message with a carefully-formed...
Debian 2.x / RedHat 6.2 / IRIX 5/6 / Solaris 2.x - Mail Reply-To Field
source: https://www.securityfocus.com/bid/1910/info mail is a simple console e-mail client. A vulnerability exists in several vendors' distributions of this program. An attacker can compose an email message with a carefully-formed string in the Reply-To: field which includes shell meta-characters...
Security Advisory YYYY-NNN
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-014 ================================= Topic: Global-3.55 allows world-wide executable cgi. Version: any before 4.01 Severity: permits remote execution of arbitrary shell commands Abstract ======== When using the CGI interface of the...