Lucene search
+L

4676 matches found

Cvelist
Cvelist
added 2002/03/09 5:0 a.m.24 views

CVE-2001-0634

Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service...

6.6AI score0.00367EPSS
Exploits0References4
CVE
CVE
added 2002/03/09 5:0 a.m.50 views

CVE-2001-0634

Sun Chili!Soft ASP has weak permissions on various configuration files, enabling a local attacker to gain additional privileges and cause a denial of service. Affected product: Sun Chili!Soft ASP. Root cause: insecure/weak permissions on configuration files. CVSS v2 base score 7.2 (HIGH) with loc...

7.2CVSS7AI score0.00367EPSS
Exploits0References4Affected Software1
exploitpack
exploitpack
added 2002/02/27 12:0 a.m.16 views

Snitz Forums 2000 3.03.13.3 - Image Tag Cross-Agent Scripting

Snitz Forums 2000 3.03.13.3 - Image Tag Cross-Agent Scripting source: https://www.securityfocus.com/bid/4192/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz Forums 2000 allows users to include images in forum messages using image tags,...

Exploits0
NVD
NVD
added 2002/02/13 5:0 a.m.27 views

CVE-2002-1603

GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, , %2f encoded /, %20 encoded space, or %00 encoded null character, which returns the ASP source code unparsed...

5CVSS6.4AI score0.13671EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2002/02/05 12:0 a.m.46 views

Microsoft IIS ASP Redirection Function XSS

The remote host contains an ASP.NET installation that is affected by a cross-site scripting vulnerability. An attacker can exploit this issue to execute arbitrary HTML or script code in a user's browser within the security context of the affected site. %NASLMINLEVEL 70300 C Tenable Network...

6.8CVSS5.8AI score0.16311EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.26 views

CVE-2001-0972

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie UserID 1, i.e. "0888888."...

7AI score0.03823EPSS
Exploits0References3
CVE
CVE
added 2002/02/02 5:0 a.m.43 views

CVE-2001-0972

The CVE-2001-0972 entry concerns Surf-Net ASP Forum prior to version 2.30, where admin cookies are derived from the UserID and are easily guessable (example: admin cookie for UserID 1 is “0888888”). This creates a remote‑attack risk: a attacker could calculate the admin cookie and gain administra...

10CVSS7.4AI score0.03823EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2002/01/29 12:0 a.m.31 views

Microsoft Site Server 3.0 - Cross-Site Scripting

Microsoft Site Server 3.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3999/info Microsoft Site Server is designed to run on Microsoft Windows NT Server platforms. It provides a means for users on a corporate intranet to share, publish, and find information. Site Server Commer...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/29 12:0 a.m.32 views

Microsoft Site Server 3.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/3999/info Microsoft Site Server is designed to run on Microsoft Windows NT Server platforms. It provides a means for users on a corporate intranet to share, publish, and find information. Site Server Commerce Edition incorporates the same features as well...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/12/01 12:0 a.m.45 views

Обратный путь в директориях aspapload (directory traversal)

Обратный путь в директориях в демонстрационных ASP-скриптах...

1.9AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2001/11/26 12:0 a.m.23 views

Microsoft Internet Explorer 5.5/6.0 - Spoofable File Extensions

source: https://www.securityfocus.com/bid/3597/info It is possible for a malicious webmaster, hosting files on an website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a .txt or other seemingly harmless file type file in the Download...

7AI score
Exploits0
NVD
NVD
added 2001/09/20 4:0 a.m.32 views

CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode...

5CVSS6.7AI score0.35559EPSS
Exploits0References3
CVE
CVE
added 2001/09/12 4:0 a.m.75 views

CVE-1999-0154

The vulnerability affects IIS versions 2.0–3.0, where a request ending with a period (dot) can cause the server to reveal ASP page source to an attacker. This is a remote read of source code resulting from the URL handling behavior in IIS 2.0/3.0. Practical impact: exposure of ASP source. The PT-...

5CVSS7.2AI score0.40015EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2001/09/12 4:0 a.m.57 views

CVE-1999-1017

CVE-1999-1017 concerns Seattle Labs Emurl 2.0 (and possibly earlier versions), where e-mail attachments are stored in a directory with scripting enabled. This configuration allows a malicious ASP file attachment to execute when the recipient opens the message. The connected documents reproduce th...

7.5CVSS6.9AI score0.01132EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.35 views

CVE-1999-0154

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . dot to the end of the URL...

6.8AI score0.40015EPSS
Exploits0References1
NVD
NVD
added 2001/08/31 4:0 a.m.16 views

CVE-2001-0972

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie UserID 1, i.e. "0888888."...

10CVSS7AI score0.03823EPSS
Exploits0References3
CVE
CVE
added 2001/08/29 4:0 a.m.58 views

CVE-2001-0709

Vulnerability summary (CVE-2001-0709): Microsoft IIS 4.0 and earlier, when installed on a FAT partition, is susceptible to remote disclosure of ASP source code. An attacker can obtain the source by requesting a URL encoded with Unicode. The description in the provided documents confirms the expos...

5CVSS7AI score0.35559EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/08/29 4:0 a.m.30 views

CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode...

6.7AI score0.35559EPSS
Exploits0References3
NVD
NVD
added 2001/08/22 4:0 a.m.18 views

CVE-2001-0633

Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' dot dot attack in the sample script 'codebrws.asp'...

5CVSS6.6AI score0.02043EPSS
Exploits0References2
NVD
NVD
added 2001/08/22 4:0 a.m.17 views

CVE-2001-0634

Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service...

7.2CVSS6.6AI score0.00367EPSS
Exploits0References4
Rows per page
Query Builder