CVE-2005-4836

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information...

CVE-2005-3630

Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives...

DEBIAN-CVE-2005-3357

modssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service application crash via a non-SSL request to an SSL port, which triggers a NULL pointer dereference...

CVE-2005-3357

modssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service application crash via a non-SSL request to an SSL port, which triggers a NULL pointer dereference...

phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ============================================================ phpDocumentor PhpDocumentor body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: cross...

PHPGedView &lt;= 3.3.7 Arbitrary Remote Code Execution Exploit

No description provided by source. ?php ---phpgedview337xpl.php 16.31 20/12/2005 PHPGedView = 3.3.7 remote commands execution coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:"If the enemy leaves a door open, you must rush in...

PHPGedView 3.3.7 - Remote Code Execution

PhpGedView body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !important input background-color: 303030 !important option background-color: 303030 !important textarea background-color: 303030...

Apache mod_imap crossite scripting

Referer crossite scripting...

[OpenPKG-SA-2005.029] OpenPKG Security Advisory &#40;apache&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2005.029 14-Dec-2005 Package: apache Vulnerability: cross site scripting OpenPKG...

Limbo 1.0.4.2 - &#039;_SERVER[REMOTE_ADDR]&#039; Remote Command Execution

this works wtih registerglobals off & regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Humble words and increased preparations are signs that the enemy is about to advance. Violent language and driving forward as if to the attack are...

CVE-2005-3352

Cross-site scripting XSS vulnerability in the modimap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...

CVE-2005-3352

Cross-site scripting XSS vulnerability in the modimap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...

phpCOIN 1.2.2 (phpcoinsessid) SQL Inj / Remote Code Execution Exploit

No description provided by source. ?php ---phpcoin122sqlxpl.php phpCOIN 1.2.2 phpcoinsessid blind SQL injection / remote code execution coded by rgod site: http://rgod.altervista.org - this works with magicquotesgpc off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:"When...

phpCOIN 1.2.2 - &#039;phpcoinsessid&#039; SQL Injection / Remote Code Execution

this works with magicquotesgpc off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:"When these five kinds of spy are all at work, none can discover the secret system. This is called "divine manipulation of the threads." It is the sovereign's most precious faculty."...

CVE-2004-2650

Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service memory consumption by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak...

Website Baker 2.6.0 - Authentication Bypass Remote Code Execution

Website Baker 2.6.0 - Authentication Bypass Remote Code Execution this works with magicquotesgpc off usage: launch from Apache, fill in requested fields, then go! Sun Tzu: "The control of a large force is the same principle as the control of a few men: it is merely a question of dividing up their...

SugarSuite Open Source 4.0beta - Remote Code Execution (1)

SugarSuite Open Source 4.0beta - Remote Code Execution 1 Sugar Suite Open Source body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !important input background-color: 303030 !important option...

SimpleBBS 1.1 - Remote Command Execution

SimpleBBS 1.1 - Remote Command Execution this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He will win who knows when to fight and when not to fight." errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", ...

SimpleBBS &lt;= 1.1 Remote Commands Execution Exploit

No description provided by source. ?php ---simplebbs11xpl.php 19.42 02/12/2005 SimpleBBS = v1.1 remote commands execution coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He wi...

SimpleBBS 1.1 - Remote Command Execution

this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He will win who knows when to fight and when not to fight." errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", 2; obimplicitflush 1; echo' SimpleBBS bod...