Lucene search

232 matches found

Cvelist
added 2005/11/16 7:37 a.m. | 17 views

CVE-2003-1262

Buffer overflow in the httpfetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value...

AI score: 8 | EPSS: 0.04067
Exploits: 1 | References: 6

Cvelist
added 2005/08/16 4:0 a.m. | 17 views

CVE-2004-2376

Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute...

AI score: 8 | EPSS: 0.03766
Exploits: 1 | References: 3

Cvelist
added 2005/07/14 4:0 a.m. | 24 views

CVE-2001-1513

Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx...

AI score: 6.6 | EPSS: 0.01532
Exploits: 0 | References: 3

Cvelist
added 2005/06/21 4:0 a.m. | 18 views

CVE-2002-1780

BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Window...

AI score: 6.7 | EPSS: 0.01574
Exploits: 0 | References: 3

NVD
added 2004/12/06 5:0 a.m. | 30 views

CVE-2004-0577

WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory...

CVSS: 5 | AI score: 6.7 | EPSS: 0.01373
Exploits: 0 | References: 3

Cvelist
added 2004/09/01 4:0 a.m. | 22 views

CVE-2002-1093

HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request...

AI score: 6.5 | EPSS: 0.01616
Exploits: 0 | References: 3

CVE
added 2004/07/06 4:0 a.m. | 64 views

CVE-2004-0577

CVE-2004-0577 affects WinGate (notably 5.2.3 build 901 and 6.0 beta 2 build 942, plus 5.0.5). The vulnerability is an input-validation flaw in the wingate-internal path that allows remote, unauthenticated attackers to read arbitrary files from the root directory via a URL request to the wingate-i...

CVSS: 5 | AI score: 6.8 | EPSS: 0.01373
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2003/12/31 5:0 a.m. | 12 views

CVE-2003-1258

activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.01473
Exploits: 1 | References: 2

NVD
added 2003/12/31 5:0 a.m. | 12 views

CVE-2003-1344

Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files...

CVSS: 5 | AI score: 6.2 | EPSS: 0.02515
Exploits: 1 | References: 4

Exploit DB
added 2003/12/19 12:0 a.m. | 24 views

Xerox MicroServer - Web Server Directory Traversal

source: https://www.securityfocus.com/bid/9256/info It has been reported that XeroxMicroServer/Xerox11 may be prone to a directory traversal vulnerability that may allow an attacker to traverse outside the server root directory by using '/..' or '/.' character sequences at the end of a URL reques...

AI score: 7.4
Exploits: 0

NVD
added 2002/10/04 4:0 a.m. | 12 views

CVE-2002-0894

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet...

CVSS: 5 | AI score: 6.8 | EPSS: 0.03318
Exploits: 1 | References: 4

Cvelist
added 2002/08/31 4:0 a.m. | 19 views

CVE-2002-0894

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet...

AI score: 6.7 | EPSS: 0.03318
Exploits: 1 | References: 4

Exploit DB
added 2002/04/18 12:0 a.m. | 26 views

PVote 1.0/1.5 - Unauthorized Administrative Password Change

source: https://www.securityfocus.com/bid/4541/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible to change the administrative password by submitting a malicious web request containing the...

AI score: 7.4
Exploits: 0

CVE
added 2002/03/09 5:0 a.m. | 57 views

CVE-2001-0007

CVE-2001-0007 refers to a buffer overflow in NetScreen Firewall WebUI (ScreenOS) that allows remote DoS via an oversized URL. Exploitation crashes the firewall without login; reboot needed. Affected: various ScreenOS releases; fixed in: ScreenOS 1.73r2 (NetScreen-1000), 2.01r7 (NetScreen-10/100),...

CVSS: 5 | AI score: 6.9 | EPSS: 0.0755
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2002/03/09 5:0 a.m. | 22 views

CVE-2001-0585

Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (≥ 255 characters) URL request to port 8000 or port 9000...

AI score: 6.6 | EPSS: 0.01614
Exploits: 0 | References: 3

CVE
added 2002/03/09 5:0 a.m. | 48 views

CVE-2001-0585

Gordano NTMail 6.0.3c is affected. A remote attacker can trigger a denial-of-service by sending a long URL request (≥ 255 characters) to port 8000 or 9000. The vulnerability and affected configuration are described in CVE-2001-0585 entries (NVD, CVE List). Exploitation details, affected versions ...

CVSS: 5 | AI score: 7 | EPSS: 0.01614
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2001/12/31 5:0 a.m. | 16 views

CVE-2001-1513

Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.01532
Exploits: 0 | References: 3

NVD
added 2001/09/20 4:0 a.m. | 14 views

CVE-2001-0703

tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter...

CVSS: 5 | AI score: 6.5 | EPSS: 0.07224
Exploits: 1 | References: 3

NVD
added 2001/08/22 4:0 a.m. | 16 views

CVE-2001-0613

Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a remote attacker to create a denial of service via a long POST URL request...

CVSS: 5 | AI score: 6.5 | EPSS: 0.01721
Exploits: 1 | References: 3

NVD
added 2001/08/22 4:0 a.m. | 32 views

CVE-2001-0585

Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (≥ 255 characters) URL request to port 8000 or port 9000...

CVSS: 5 | AI score: 6.6 | EPSS: 0.01614
Exploits: 0 | References: 3