5285 matches found
PortailPHP 2 - '/mod_news/goodies.php?chemin' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/22381/info PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected...
PortailPHP 2 - '/mod_news/goodies.php?chemin' Remote File Inclusion
source: https://www.securityfocus.com/bid/22381/info PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected...
PortailPHP 2 - '/mod_search/index.php?chemin' Remote File Inclusion
source: https://www.securityfocus.com/bid/22381/info PortailPHP is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected...
FD Script 1.3.x - FName Information Disclosure
FD Script 1.3.x - FName Information Disclosure source: https://www.securityfocus.com/bid/22265/info FD Script is prone to an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...
Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities
Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities source: https://www.securityfocus.com/bid/22191/info Multiple VoIP phones using the Aredfox PA168 Chipset are prone to a session-hijacking vulnerability due to a design error. An attacker can exploit this issue to gain administrative...
Network Security Knowledge Series: Collection of CGI Exploits - vulnerability warning - the black bar safety net
The following collects and collates some well-known CGI vulnerabilities and provides some security recommendations and solutions. If a server has these vulnerabilities and is not patched, each vulnerability is likely to be exploited by an intruder, increasing the chance of the server being...
Directory traversal
Directory traversal vulnerability in the AVM IGD CTRL Service in Fritz!DSL 02.02.29 allows remote attackers to read arbitrary files via ..%5C URL-encoded dot dot backslash sequences in a URI requested from the AR7 webserver...
CVE-2003-1318
Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376...
CVE-2003-1318
CVE-2003-1318 affects Twilight Webserver 1.3.3.0. A remote attacker can cause a denial of service (application crash) by issuing a GET request for a long URI. The provided documents do not specify any official fixes or patches; no exploitation details are given beyond the basic description.
Twilight Webserver 1.3.3.0 (GET) Remote Denial of Service Exploit
No description provided by source. / Denial of Service Attack against Twilight Webserver v1.3.3.0 Author: H0tTurk- WebSite: http://www.twilightutilities.com Version: Twilight Webserver v1.3.3.0 $24.95 USD NewVersion: Tw 2.1 Exploit: tw.c Compile: gcc twilight -o tw Contact: - Mail:...
EditTag 1.2 - edittag.cgi?file Arbitrary File Disclosure
EditTag 1.2 - edittag.cgi?file Arbitrary File Disclosure source: https://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote...
EditTag 1.2 - edittag.pl?file Arbitrary File Disclosure
EditTag 1.2 - edittag.pl?file Arbitrary File Disclosure source: https://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote...
EditTag 1.2 - 'edittag.cgi?file' Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file on the affected webserver. Versio...
CVE-2006-6855
AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information...
EUVD-2006-6838
AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information...
CVE-2006-6855
AIDeX Mini-WebServer 1.1 early release 3 is affected by a remote denial-of-service vulnerability: a flood of HTTP GET requests can crash the daemon, possibly tied to the GUI’s HTTP log data display. Root cause details are not provided, and no patch/mitigation is specified in the available documen...
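AIDeX Mini-Webserver HTTP Request Remote Denial of Service Vulnerability
AIDeX Mini-WebServer is a simple, easy-to-use and powerful web server program. AIDeX has an error when displaying the current HTTP request in the GUI, which allows an attacker to send malicious HTTP requests (such as GET or HEAD) that crash the server. Exploiting this vulnerability requires that the user is viewing the GUI log window while the HTTP request is received. AIDeX Mini-Webserver 1.1 The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://www.aidex.de/software/webserver/ import socket print...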
AIDeX Mini-WebServer <= 1.1 Remote Denial of Service Crash Exploit
No description provided by source. import socket print "---------------------------------------------------------------------" print " AID'eX Mini-Webserver Verion 1.1 early Release 3 Denial of Service" print " url: http://www.aidex.de/software/webserver/" print " author: shinnai" print " mail:...
AIDeX Mini-WebServer <= 1.1 Remote Denial of Service Crash Exploit
Exploit for unknown platform in category dos / poc ================================================================== AIDeX Mini-WebServer <= 1.1 Remote Denial of Service Crash Exploit ================================================================== import socket print...