PT-2024-38668 · Unknown · Tosei Online Store Management System

Name of the Vulnerable Software and Affected Versions: Tosei Online Store Management System versions 4.02 through 4.04 Description: A critical issue has been discovered, affecting an unknown part of the file /cgi-bin/tosei kikai.php. The manipulation of the kikaibangou argument leads to command...

CVE-2017-8838

XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi...

compteur 2.0 - param_editor.php Remote File Inclusion

compteur 2.0 - parameditor.php Remote File Inclusion Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational...

forumv04c.txt

!/usr/bin/perl Affected.scr..: µforum v0.4c Poc.ID........: 08060901 Type..........: Member's passwords are stored in .dat file no protected by a .htaccess file Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.forum.1568.html Poc.link......:...

NetCode NC Book book.cgi current Parameter Arbitrary Command Execution

The CGI 'book.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10721; scriptversion"1.27";...

Matt Wright guestbook.pl Arbitrary Command Execution

The 'guestbook.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the HTTP daemon root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details Changes by Tenable: ...