232 matches found
TmaxSoft JEUS Alternate Data Streams Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: -...
TmaxSoft JEUS - Alternate Data Streams File Disclosure
TmaxSoft JEUS - Alternate Data Streams File Disclosure Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: -...
Gentoo Security Advisory GLSA 200403-11 (Squid)
The remote host is missing updates announced in advisory GLSA 200403-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200403-11 (Squid)
The remote host is missing updates announced in advisory GLSA 200403-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2002-2413
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name...
CVE-2002-2413
WebSite Pro 3.1.11.0 on Windows is affected by CVE-2002-2413, where a remote attacker can read script source code for files with extensions longer than 3 characters by requesting a URL that uses the equivalent 8.3 file name. The vulnerability is described in multiple sources (RH and NVD entries) ...
CVE-2002-2370
SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service crash via a URL request that does not end with a newline...
CVE-2007-1642
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...
Cross site request forgery (csrf)
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...
CVE-2007-1642
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...
Authentication flaw
admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp...
CVE-2007-1471
admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp...
CVE-2006-6482
CVE-2006-6482 affects Adobe ColdFusion MX7. The issue allows remote disclosure of sensitive information via URL requests: (1) requesting non-existent files (JWS, CFM, CFML, or CFC) causes error messages revealing the installation path; (2) accessing /CFIDE/administrator/login.cfm without a host c...
CVE-2006-3290
HTTP server in Cisco Wireless Control System WCS for Linux and Windows before 3.251 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request...
OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit
Exploit for hardware platform in category dos / poc ============================================================ OCE 3121/3122 Printer parser.exe Denial of Service Exploit ============================================================ !/usr/bin/perl OCE 3121/3122 Printer DoS Exploit...
linux/x86 HTTP/1.x GET Downloads and JMP - 68 bytes+
No description provided by source. / linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+ This shellcode allows you to download a binary code straight off a standard HTTP server and execute it. The downloaded shellcode e.g. binary code will be executed on the stack. DEMONSTRATION: Starting by...
CVE-2003-1257
findthenihome.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo...
CVE-2003-1245
The CVE-2003-1245 issue affects Mambo Site Server (CMS) in version 4.0.12, where index2.php allows a remote attacker to gain administrator access by sending a URL with session_id set to the MD5 hash of a valid session cookie. Root cause is improper validation of cookies, enabling session imperson...
CVE-2003-1248
CVE-2003-1248 affects H-Sphere WebShell 2.3. The vulnerability allows remote command execution by passing shell metacharacters in the mode and zipfile URL parameters. Impact is partial confidentiality, integrity, and availability. No explicit exploitation status is provided in the documents; expl...
CVE-2003-1248
H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 mode and 2 zipfile parameters in a URL request...