5285 matches found
YABB SE 0.81.41.5 - Packages.php Remote File Inclusion
YABB SE 0.81.41.5 - Packages.php Remote File Inclusion source: https://www.securityfocus.com/bid/6663/info YaBB SE allows remote users to influence the location of included files. A remote attacker may exploit this condition to cause an external, attacker-supplied file to be included and executed...
Vulnerability in WebCollection Plus (TM)
These vulnerabilities were found / tested on: WebCollection Plus TM Copyright 2001 Follett Software Company Version 5.00 Revision 12-01-A Dec 19 2001 Program protects from reading other non-webserver accessible files by checking for a : or excessive .'s in a string. If the URL has a / at the...
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (1)
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution 1 source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a resul...
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (2)
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution 2 source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a resul...
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (2)
source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary...
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)
source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary...
DCP-Portal 5.0.1 - editor.php?Root Remote File Inclusion
DCP-Portal 5.0.1 - editor.php?Root Remote File Inclusion source: https://www.securityfocus.com/bid/6525/info DCP-Portal is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously...
DCP-Portal 5.0.1 - 'lib.php?Root' Remote File Inclusion
source: https://www.securityfocus.com/bid/6525/info DCP-Portal is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a...
DCP-Portal 5.0.1 - 'editor.php?Root' Remote File Inclusion
source: https://www.securityfocus.com/bid/6525/info DCP-Portal is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a...
NX Web Content Management System 2002 Prerelease 1 - datasets.php?c_path Local File Inclusion
NX Web Content Management System 2002 Prerelease 1 - datasets.php?cpath Local File Inclusion source: https://www.securityfocus.com/bid/6500/info N/X Web Content Management System is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacke...
N/X Web Content Management System 2002 Prerelease 1 - 'datasets.php?c_path' Local File Inclusion
source: https://www.securityfocus.com/bid/6500/info N/X Web Content Management System is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an...
CVE-2002-1828
Savant Webserver 3.1 allows remote attackers to cause a denial of service crash via an HTTP GET request with a negative Content-Length value...
CVE-2002-1857
jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...
CVE-2002-2095
Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using 1 index.webroot and 2 index.ipallow...
CVE-2002-2256
Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters...
CVE-2002-1941
Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service crash via a long HTTP GET request with the Host header set...
CVE-2002-1951
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories...
PEEL 1.0b - Remote File Inclusion
PEEL 1.0b - Remote File Inclusion source: https://www.securityfocus.com/bid/6496/info PEEL is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an...
Directory traversing bug in 'myServer' webserver.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- INetCop Security Advisory 2002-0x82-010 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= - Our 10th advisory does self-congratulation. Title: Directory traversing bug in 'myServer' webserver. 0x01. Description It's very useful Windows webserver that is offered by...
Apache 1.3.x + Tomcat 4.0.x4.1.x mod_jk - Chunked Encoding Denial of Service
Apache 1.3.x + Tomcat 4.0.x4.1.x modjk - Chunked Encoding Denial of Service source: https://www.securityfocus.com/bid/6320/info Apache Webserver and Tomcat are HTTP servers maintained and distributed by the Apache project. Apache Webserver and Tomcat are available for the Unix, Linux, and Microso...