2185 matches found
Fool's Workshop Owl's Workshop 1.0 - 'resultsignore.php' Arbitrary File Access
source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful...
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful exploitation of this issue an attacker may be able to gain access to...
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful exploitation of this issue an attacker may be able to gain access to...
----------========== OPEN3S-2003-08-08-eng-informix-onshowaudit ==========----------
----------========== OPEN3S-2003-08-08-eng-informix-onshowaudit ==========---------- Title: Local Vulnerability in IBM Informix IDS v9.40 onshowaudit binary Date: 08-08-2003 Platform: Only tested in Linux but can be exported to others. Impact: Users with exec perm over ./bin/onshowaudit can read...
open3sIDSonshowaudit.txt
----------========== OPEN3S-2003-08-08-eng-informix-onshowaudit ==========---------- Title: Local Vulnerability in IBM Informix IDS v9.40 onshowaudit binary Date: 08-08-2003 Platform: Only tested in Linux but can be exported to others. Impact: Users with exec perm over ./bin/onshowaudit can read...
Opera Web Browser 7 - IFRAME Zone Restriction Bypass
Opera Web Browser 7 - IFRAME Zone Restriction Bypass source: https://www.securityfocus.com/bid/8887/info A flaw in the Opera web browser's security model has been discovered that could allow an attacker to access a user's filesystem within the Local Zone. The problem occurs when handling malformed...
Sitebuilder 1.4 - 'sitebuilder.cgi' Directory Traversal
source: https://www.securityfocus.com/bid/8521/info Sitebuilder is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of system files. The problem occurs due to the application failing to parse user-supplied input for directory traversal...
file sharing for net 1.5 - Directory Traversal
file sharing for net 1.5 - Directory Traversal source: https://www.securityfocus.com/bid/8513/info File Sharing for Net is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of system files. The problem occurs due to the application failin...
Directory traversal vulnerability on Xoops/E-xoops CMS module "tutorials"
An attacker can use this flaw to execute arbitrary code of his choice on the remote system, run with the privileges of httpd. The code can be written in any scripting language whose parser is run in the remote system in cooperation with httpd, whether as module or executable. Details: This...
FreeWnn 1.1.1 - JServer Logging Option Data Corruption
source: https://www.securityfocus.com/bid/7918/info A vulnerability has been reported for FreeWnn that may result in an attacker obtaining elevated privileges. It has been reported that jserver may allow an attacker to corrupt arbitrary files. Due to this, an attacker may be able to overwrite...
Happymall E-Commerce Software 4.34.4 - Normal_HTML.cgi File Disclosure
Happymall E-Commerce Software 4.34.4 - Normal_HTML.cgi File Disclosure source: https://www.securityfocus.com/bid/7559/info It has been reported that Happymall E-Commerce is prone to a file disclosure vulnerability. The problem occurs due to insufficient sanitization of user-supplied URI parameters...
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' File Disclosure
source: https://www.securityfocus.com/bid/7559/info It has been reported that Happymall E-Commerce is prone to a file disclosure vulnerability. The problem occurs due to insufficient sanitization of user-supplied URI parameters. As a result, it may be possible for an attacker to view the contents...
[SCSA-017] Directory Traversal Vulnerability in EZ Server
====================================================================== Security Corporation Security Advisory SCSA-017 Directory Traversal Vulnerability in EZ Server ====================================================================== PROGRAM: EZ Server HOMEPAGE: http://www.html-helper.com...
CVE-2002-1439
Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 VVOS Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files...
Critical: Red Hat Security Advisory: samba security update
Updated Samba packages are now available to fix security vulnerabilities found during a code audit. Samba is a suite of utilities which provides file and printer sharing services to SMB/CIFS clients. Sebastian Krahmer discovered a security vulnerability present in unpatched versions of Samba prio...
[SECURITY] [DSA-262-1] samba security fix
------------------------------------------------------------------------ Debian Security Advisory DSA-262-1 [email protected] http://www.debian.org/security/ Wichert Akkerman March 15, 2003 - ------------------------------------------------------------------------ Package : samba Problem type :...
Sun/Netscape Java Virtual Machine 1.x - Bytecode Verifier
source: https://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal structure of Java instructions. According to the report, i...
W3Mail 1.0.6 - File Disclosure
W3Mail 1.0.6 - File Disclosure source: https://www.securityfocus.com/bid/6170/info Versions of W3Mail 1.0.6 and greater are susceptible to a file disclosure vulnerability. To view attachments, the script "viewAttachment.cgi" accepts the parameter "file". The value of this parameter is passed to t...
DB4Web 3.43.6 - File Disclosure
DB4Web 3.43.6 - File Disclosure source: https://www.securityfocus.com/bid/5723/info DB4Web is an application server that allows read and write access to relational databases and other information sources, via the web. The application is available for Windows, Linux, and various Unix platforms. A...