EUVD-1999-0253

Malware in sbrugna...

Simple ASC CMS 1.2 Database Disclosure

======================================================================== | Title : Simple ASC CMS 1.2 Database Disclosure Exploit | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Vendor : http://www.aspsource.org...

Simple ASC CMS 1.2 Cross Site Scripting

Document Title: =============== Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2072 Release Date: ============= 2017-05-21 Vulnerability Laboratory ID VL-ID: ====================================...

Simple ASC CMS v1.2 - (Guestbook) Persistent Vulnerability

Document Title: =============== Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2072 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15947 CVE-ID: ======= CVE-2017-15947 Release Date:...

Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability

Document Title: =============== Simple ASC CMS v1.2 - Guestbook Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2072 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15947 CVE-ID: ======= CVE-2017-15947 Release Date:...

Microsoft Index Server 2.0 '%20' ASP Source Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1084/info Index Server can be used to cause IIS to display the source of .asp and possibly other server-side processed files. By appending a space %20 to the end of the filename specified in the 'CiWebHitsFile' variable,...

CVE-2011-4766

The Site Editor aka SiteBuilder feature in Parallels Plesk Small Business Panel 10.2.0 allows remote attackers to obtain ASP source code via a direct request to wysiwyg/fckconfig.js. NOTE: CVE disputes this issue because ASP is only used in a JavaScript comment...

Q-Shop 3.0 Remote XSS/SQL Injection Vulnerabilities

No description provided by source. 000000 00000 0000 0000 000 00 000000 0000000 0000 000000 00000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 00000 0 0 0 0 0 0 0 0 00000 0000 0 0 0 0 00000 0 0 0 0 0 0 0 0 0 0 000 0 0 0 ...

wsftp-disclose.txt

Luigi Auriemma Application: WSFTP Server Manager http://www.wsftp.com Versions: WSFTP Server = 6.1.0.0 Platforms: Windows Bugs: A authorization bypassing in log visualization B ASP source visualization Exploitation: remote Date: 06 Feb 2008 Author: Luigi Auriemma e-mail: [email protected] web:...

With ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net

In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad daylight easy to be found,open your own ftp and not assured. Your own online in a circle is found by combining the non-component upload asp Trojan can be easily achieve...

Multiple Web Server Encoded Space (%20) Request ASP Source Disclosure

It appears possible to get the source code of the remote ASP scripts by appending a '%20' to the request. ASP source code usually contains sensitive information such as logins and passwords. This has been reported in Simple HTTPD shttpd, Mono XSP for ASP.NET and vWebServer. This type of request m...

CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode...

CVE-1999-0154

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . dot to the end of the URL...

Microsoft IIS Translate f: ASP/ASA Source Disclosure

There is a serious vulnerability in Windows 2000 unpatched by SP1 that allows an attacker to view ASP/ASA source code instead of a processed file. SP source code can contain sensitive information such as usernames and passwords for ODBC connections. %NASLMINLEVEL 70300 This script was written by...

Заткнута дырка в IIS (Specialized Header)

При определенном HTTP-заголовке запроса можно было получить исходные тексты ASP-приложения...

CVE-2000-0246

The vulnerability CVE-2000-0246 affects Microsoft IIS 4.0/5.0 where ISAPI extension processing fails for a virtual directory mapped to a UNC share, enabling remote attackers to read ASP source and other files. OpenVAS/Nessus entries confirm ASP/HTR source disclosure via UNC-path access. No remedi...

Microsoft IIS ASP::$DATA ASP Source Disclosure

It is possible to get the source code of a remote ASP script by appending '::$DATA' to the end of the request. ASP source code may contain sensitive information such as logins, passwords and server information. %NASLMINLEVEL 70300 This script was written by Renaud Deraison See the Nessus Scripts...

Microsoft IIS/PWS %2e Request ASP Source Disclosure

It is possible to get the source code of a remote ASP script by appending '%2e' to the end of the request. ASP source code usually contains sensitive information such as logins and passwords. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10363; scriptversion "1.35";...

Microsoft IIS WebHits null.htw .asp Source Disclosure

It is possible to get the source code of ASP scripts by issuing a specially crafted request. ASP source codes usually contain sensitive information such as usernames and passwords. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10356; scriptversion"1.44";...

Microsoft Index Server 2.0 - '%20' ASP Source Disclosure

source: https://www.securityfocus.com/bid/1084/info Index Server can be used to cause IIS to display the source of .asp and possibly other server-side processed files. By appending a space %20 to the end of the filename specified in the 'CiWebHitsFile' variable, and setting 'CiHiliteType' to 'Ful...