E-Shopping Cart Arbitrary Command Execution (WebDiscount)

The eShop WebDiscount CGI is installed. A security problem in this CGI allows anyone to execute arbitrary commands with the privileges of the web server. SPDX-FileCopyrightText: 2001 Noam Rathaus SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced...

guestbook.cgi

The SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10098";...

ShopPlus Arbitrary Command Execution Vulnerability - Active Check

The ShopPlus CGI is prone to a vulnerability that allows execution of arbitrary commands with the security privileges of the web server. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Count.cgi

An old version of SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10049";...

BasiliX Arbitrary Command Execution Vulnerability

The remote web server contains a PHP script that is prone to arbitrary command execution. Description : The remote host appears to be running a version of BasiliX between 1.0.2beta or 1.0.3beta. In such versions, the script 'login.php3' fails to sanitize user input, which enables a remote attacke...

PuTTY window title escape character arbitrary command execution

PuTTY is prone to an arbitrary code execution vulnerability. Copyright C 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PuTTY window title escape character arbitrary command execution

PuTTY is a free SSH client. This version contains a flaw that may allow a malicious user to insert arbitrary commands and execute them. The issue is triggered when an attacker sends commands, preceded by terminal emulator escape sequences. It is possible that the flaw may allow arbitrary code...

mailreader.com directory traversal and arbitrary command execution

mailreader.com software is installed. A directory traversal flaw allows anybody to read arbitrary files on your system. OpenVAS Vulnerability Test $Id: mailreader.nasl 5783 2017-03-30 09:03:43Z cfi $ Description: mailreader.com directory traversal and arbitrary command execution Authors: Michel...

formmail.pl

The 'formmail.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. OpenVAS Vulnerability Test $Id: formmailpl.nasl 6703 2017-07-12 13:57:25Z cfischer $ Description: formmail.pl Authors: Mathieu...

IIS Remote Command Execution

When IIS receives a user request to run a script, it renders the request in a decoded canonical form, then performs security checks on the decoded request. A vulnerability results because a second, superfluous decoding pass is performed after the initial security checks are completed. Thus, a...

Fedora Core 3 : gdb-6.1post-1.20040607.43.0.1 (2005-1032)

This is an fc3 update for gdb regarding security issues : CVE-2005-1704 Integer Overflow in gdb This problem is that gdb's internal copy of bfd does not protect against heap-based overflow. CVE-2005-1705 gdb arbitrary command execution This problem allows unprotected .gdbinit files to execute...

ATutor < 1.5.1-pl1 Multiple Remote Vulnerabilities (XSS, RFI, Command Exe)

The remote host is running ATutor, an open source, web-based Learning Content Management System LCMS written in PHP. The version of ATutor installed on the remote host may be vulnerable to arbitrary command execution, arbitrary file access, and cross-site scripting attacks. Successful exploitatio...

ATutor 1.x - forum.inc.php Arbitrary Command Execution

ATutor 1.x - forum.inc.php Arbitrary Command Execution source: https://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks...

ATutor 1.x - &#039;forum.inc.php&#039; Arbitrary Command Execution

source: https://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks. ATutor 1.5.1-pl1 and prior versions are affected...

Snoopy 0.9x1.01.2 - Arbitrary Command Execution

Snoopy 0.9x1.01.2 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/15213/info Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input. This issue may facilitate unauthorized...

Snoopy 0.9x/1.0/1.2 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/15213/info Snoopy is prone to a vulnerability that lets attackers execute arbitrary commands because the application fails to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access to the application in the context of...

[SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 870-1 [email protected] http://www.debian.org/security/ Martin Schulze October 25th, 2005 http://www.debian.org/security/faq -...

CVE-2004-2532

CVE-2004-2532 affects the Serv-U FTP Server prior to version 5.1.0.0. The issue arises from a default administrator account and password that allow a local user to authenticate to the server, create a new user, log in as that user, and then issue a SITE EXEC command to execute arbitrary commands ...

WebGUI 6.x - Arbitrary Command Execution

WebGUI 6.x - Arbitrary Command Execution source: https://www.securityfocus.com/bid/15083/info WebGUI is prone to an arbitrary command execution vulnerability. This is due to insufficient sanitization of user-supplied data. This issue can facilitate unauthorized remote access...

WebGUI 6.x - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/15083/info WebGUI is prone to an arbitrary command execution vulnerability. This is due to insufficient sanitization of user-supplied data. This issue can facilitate unauthorized remote access...