Mandriva Update for apache MDKSA-2007:140 (apache)

Check for the Version of apache OpenVAS Vulnerability Test Mandriva Update for apache MDKSA-2007:140 apache Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

PHP mbstring.func_overload web server denial of service

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.funcoverload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server...

CVE-2009-0754

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.funcoverload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server...

CVE-2009-0754

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.funcoverload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server...

mod_auth_mysql: character encoding SQL injection flaw

SQL injection vulnerability in modauthmysql.c in the mod-auth-mysql aka libapache2-mod-auth-mysql module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ backslash as part of the character encoding, allows remote attackers to execute arbitrary SQL...

Getleft 1.2 Remote Buffer Overflow Proof of Concept

Exploit for multiple platform in category dos / poc =================================================== Getleft 1.2 Remote Buffer Overflow Proof of Concept =================================================== !/usr/bin/perl Getleft v1.2.0.0 DoS PoC Author: Koshi Application: Getleft v1.2 Publisher...

cambridge-sql.txt

Host Information Server = Apache/2.2.3 CentOS Version = 5.0.22 Powered by = PHP/5.1.6 Current User = visitcambridge@localhost Current Database = visitcambridge Supports Union = yes Union Columns = 3 Found By : Rohit Bansal rohitisbackatgmail.com Url| http://www.visitcambridge.org/unique.php?id=-1...

httpd: mod_proxy_http DoS via excessive interim responses from the origin server

The approxyhttpprocessresponse function in modproxyhttp.c in the modproxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service memory consumption via a large number of interim...

httpd: mod_imagemap XSS

Cross-site scripting XSS vulnerability in the 1 modimap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the 2 modimagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload

?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

cmsWorks 2.2 RC4 (fckeditor) Remote Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ================================================================= cmsWorks 2.2 RC4 fckeditor Remote Arbitrary File Upload Exploit =================================================================...

cmsWorks 2.2 RC4 (fckeditor) Remote Arbitrary File Upload Exploit

No description provided by source. ?php / ----------------------------------------------------------------- cmsWorks 2.2 RC4 fckeditor Remote Arbitrary File Upload Exploit ----------------------------------------------------------------- discovered by Stack exploited by ..: EgiX special thnx to...

achievo-upload.txt

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

Achievo 1.3.2 - 'FCKeditor' Arbitrary File Upload

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

Apache 1.3.*-2.0.48 mod_userdir Remote Users Disclosure Exploit

No description provided by source. / m00-apache-w00t.c Apache 1.3.-2.0.48 remote users disclosure exploit by m00 Security. Proof-of-Concept edition This tool scans remote hosts with httpd apache and disclosure information...

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...

httpd: mod_imagemap XSS

Cross-site scripting XSS vulnerability in the 1 modimap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the 2 modimagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

DEBIAN-CVE-2008-0456

CRLF injection vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

httpd: mod_imagemap XSS

Cross-site scripting XSS vulnerability in the 1 modimap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the 2 modimagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...