EUVD-2002-2399

Malware in sbrugna...

EUVD-2002-2150

Malware in sbrugna...

CVE-2002-2421

acWEB 1.14 allows remote attackers to cause a denial of service crash via an HTTP request for a MS-DOS device name such as COM2...

CVE-2008-0572

Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MMGLOBALShome parameter to 1 acweb/adminindex.php; and 2 ask.inc.php, 3 learn.inc.php, 4 manage.inc.php, 5 mind.inc.php, and 6 sensory.inc.php in include/...

Mindmeld 1.2.0.10 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. Summary Mindmeld is an, "enterprise-capable knowledge-sharing system" written in PHP. There are multiple remote file inclusion vulnerabilities in Mindmeld version 1.2.0.10 latest version. Details 1. Vulnerable File and Line: Mindmeld-1.2.0.10/acweb/adminindex.ph...

CVE-2002-2421

acWEB 1.14 allows remote attackers to cause a denial of service crash via an HTTP request for a MS-DOS device name such as COM2...

CVE-2002-2421

CVE-2002-2421 affects acWEB 1.14 and is triggered by a remote HTTP request for a MS-DOS device name (e.g., COM2), causing a denial of service (crash). The vulnerability is network-exposed with no authentication and results in complete availability impact; CVSSv2 base score 7.8 (HIGH). Publicly av...

CVE-2002-2171

The CVE-2002-2171 entry describes a Cross-site Scripting (XSS) vulnerability in the web application acWEB versions 1.8 and 1.14 . The issue allows remote attackers to inject arbitrary HTML/script via a URL, potentially using a URL parameter such as a "%db" request. Documents do not provide specif...

CVE-2002-2171

Cross-site scripting XSS vulnerability in acWEB 1.8 and 1.14 allows remote attackers to insert arbitrary HTML and web script via a URL, possibly via a "%db" request in a URL...

CVE-2002-2171

Cross-site scripting XSS vulnerability in acWEB 1.8 and 1.14 allows remote attackers to insert arbitrary HTML and web script via a URL, possibly via a "%db" request in a URL...

CVE-2002-2421

acWEB 1.14 allows remote attackers to cause a denial of service crash via an HTTP request for a MS-DOS device name such as COM2...

Crossite scripting в acWeb

http://www.victim.com/dbscriptalert'Illegal20Instruction20Labs...

IIL Advisory: Vulnerabilities in acWEB HTTP server

Illegal Instruction Labs Advisory ------------------------------------------------------------------------- Advisory name: Vulnerabilities in acWEB HTTP server Advisory number: 13 Application: acWEB HTTP server Author e-mail: [email protected] Homepage: somewhere on sourceforge Date:...

ACWeb 1.14/1.8 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/5793/info acWEB is prone to cross-site scripting attacks. It is possible to construct a malicious link to the web server which contains arbitrary script code. When the link is visited, the script code will be executed in the web client of the user visitin...