CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

seebug.org•added 2014/07/01 12:0 a.m.•11 views

mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

No description provided by source. modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability http://www.php-security.org/MOPB/BONUS-12-2007.html Affected is modsecurity = 2.1.0 Detailed information Detailed information When modsecurity receives a request it parses it into web application...

7.1AI score

Exploits0

securityvulns•added 2007/03/29 12:0 a.m.•46 views

MOPB-33-2007:PHP mail() Message ASCIIZ Byte Truncation

Summary When the mail function is called with a message that contains an ASCIIZ byte it considers it the end of the message. PHP applications not filtering ASCIIZ strings from user input before embedding it into the message are therefore vulnerable to arbitrary email truncation. Affected versions...

0.1AI score

Exploits0

seebug.org•added 2007/03/12 12:0 a.m.•253 views

mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

7.1AI score

Exploits0

seebug.org•added 2007/03/09 12:0 a.m.•15 views

Mod_Security ASCIIZ字节绕过安全限制漏洞

modsecurity是经常与PHP结合使用的Web应用防火墙。 modsecurity在处理特定的HTTP数据时存在漏洞，远程攻击者可能利用此漏洞绕过某些安全限制。在接收到请求后modsecurity会将其解析成为Web应用参数。由于解析入站数据的方式遵循RFC中所定义的规则而不一定是Perl、Python、Java或PHP中的HTTP请求解析器所兼容的方式，因此如果RFC与实际实现方式不匹配时可能存在一些限制绕过漏洞。...

7.1AI score

Exploits0

NVD•added 2007/03/08 10:19 p.m.•13 views

CVE-2007-1359

Interpretation conflict in ModSecurity modsecurity 2.1.0 and earlier allows remote attackers to bypass request rules via application/x-www-form-urlencoded POST data that contains an ASCIIZ 0x00 byte, which modsecurity treats as a terminator even though it is still processed as normal data by some...

6.8CVSS6.7AI score0.23497EPSS

Exploits1References15

Prion•added 2007/03/08 10:19 p.m.•12 views

Design/Logic Flaw

6.8CVSS6.9AI score0.23497EPSS

Exploits1References15Affected Software1

UbuntuCve•added 2007/03/08 10:19 p.m.•20 views

CVE-2007-1359

6.8CVSS6AI score0.23497EPSS

Exploits1References2

CVE•added 2007/03/08 5:0 p.m.•76 views

CVE-2007-1359

ModSecurity (mod_security)

6.8CVSS9.4AI score0.23497EPSS

Exploits1References15Affected Software1

exploitpack•added 2007/03/07 12:0 a.m.•11 views

mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass

modsecurity 2.1.0 - ASCIIZ byte POST Rules Bypass modsecurity Now call it with a command like $ echo -e "&var=alert/xss/;" postdata $ curl http://localhost/test.php --data-binary...

7.4AI score

Exploits0

0day.today•added 2007/03/07 12:0 a.m.•88 views

mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability

Exploit for multiple platform in category remote exploits =================================================================== modsecurity = 2.1.0 ASCIIZ byte POST Rules Bypass Vulnerability =================================================================== modsecurity = 2.1.0 ASCIIZ byte POST...

7.1AI score

Exploits0

Exploit DB•added 2007/03/07 12:0 a.m.•37 views

mod_security 2.1.0 - ASCIIZ byte POST Rules Bypass

modsecurity Now call it with a command like $ echo -e "&var=alert/xss/;" postdata $ curl http://localhost/test.php --data-binary @postdata -A Harmle...

7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by