18 matches found
EUVD-2005-1353
Malware in sbrugna...
EUVD-2005-1354
Malware in sbrugna...
EUVD-2005-1355
Malware in sbrugna...
Leif M. Wright ad.cgi 1.0 Unchecked Input Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2103/info ad.cgi is an ad rotation script freely available, and written by Leif Wright. A problem exists in the script which may allow access to restricted resources. The problem occurs in the method in which the script...
CVE-2007-5036
Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service HTTPS service outage via a crafted query string in an HTTPS request to 1 adLog.cgi, 2 post.cgi, or 3 ad.cgi, related to the "files filter."...
Buffer overflow
Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service HTTPS service outage via a crafted query string in an HTTPS request to 1 adLog.cgi, 2 post.cgi, or 3 ad.cgi, related to the "files filter."...
CVE-2005-1350
The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument...
CVE-2005-1352
Cross-site scripting XSS vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument...
CVE-2005-1351
The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument...
CVE-2005-1351
CVE-2005-1351 concerns the ad.cgi script, which allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network access, low complexity, no authentication, and partial impacts to confidentiality, in...
CVE-2005-1352
CVE-2005-1352 describes an XSS vulnerability in the ad.cgi script that allows remote attackers to inject arbitrary web script or HTML via the argument. Evidence comes from NVD/CVE records; the exact affected product, version, and root cause details beyond “ad.cgi script” are not specified in the ...
CVE-2005-1351
The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument...
CVE-2005-1350
CVE-2005-1350 concerns the ad.cgi script which allows remote attackers to read arbitrary files by supplying a full pathname as the argument. The vulnerability is confirmed in multiple sources (NVD/NVD-derived records); the CVSS v2 base score is 5.0 (Medium) with network access and low attack comp...
CVE-2005-1350
The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument...
CVE-2005-1352
Cross-site scripting XSS vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument...
remote command execution in ad.cgi script
Tunis 24/04/2005 BUG found by fireboy [email protected] THERE ARE SOME BUGS IN ad.cgi SCRIPT THAT CAN SHOW SENSILBLES FILES IN A SYSTEM OR EXECUTE COMMANDS IN THE TARGET HOST WICH CAN COMPROMISE IT. IT IS ONLY FOR SECURITY AND EDUCATIONAL PURPOSE 1file showing...
CVE-2001-0025
CVE-2001-0025 affects the ad.cgi CGI program by Leif Wright. The vulnerability allows remote arbitrary command execution via shell metacharacters in the file parameter, with the CGI typically running under web server privileges (often root or nobody). The issue is documented in multiple sources (...
Insecure input validation in ad.cgi
Hi, ad.cgi from "Scripts by Tammie's HUSBAND" contains an insecure input validation vulnerability. Information on ad.cgi is available at: http://www.conservatives.net/atheist/scripts/index.html?ads ----code snippet---- $filename = "$FORM'file'"; $datafile = "$basedir" . "$filename"; ... open INFO...