186 matches found
[PersianHacker.NET 200503-09]PHPOpenChat v3.x XSS Multiple Vulnerability
PersianHacker.NET 200503-09PHPOpenChat v3.X XSS Multiple Vulnerability Date: 2005 March Bug Number: 09 PHPOpenChat is a high performance php-based chat server software for a live chat-room or -module on every php-based site. More info @: http://phpopenchat.org/ Discussion: -------------------- Th...
BizMail 2.1 Spam Exploit
Greetings all, Over the course of the last few months I've been the victim of repeated abuses of a web-based form commonly used for customer requests. This form can be downloaded here : http://www.bizmailform.com This form allowed a hacker to directly call the cgi, forge a referer url, and, with...
CVE-2003-1282
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the 1 $DTWCURRENTFILENAME, 2 $DATABASE, 3 $LOGIN, 4 $PASSWORD, and possibly other predefined variables that can be echoed back to the user via a w...
CVE-2001-1281
Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form...
CVE-2001-0096
CVE-2001-0096 describes a denial-of-service flaw in Microsoft IIS FrontPage Server Extensions (FPSE) on IIS 4.0/5.0, where a remote attacker can crash the server via a malformed web form submission. OpenVAS/Nessus classify this as a remote DoS that renders the service unusable. Public references ...
Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution
Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution source: https://www.securityfocus.com/bid/2102/info A vulnerabiliy exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate email responses from web forms. An insecurely-structured call to the open function leads t...