127 matches found
httpdx 1.5 - 'MKD' Directory Traversal
source: https://www.securityfocus.com/bid/38242/info The 'httpdx' program is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an authenticated user to create directories outside the FTP root directory, which m...
Curverider Elgg 1.0 - Templates HTML Injection
Curverider Elgg 1.0 - Templates HTML Injection source: https://www.securityfocus.com/bid/43871/info Elgg is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Exploits require the attacker be an...
Hosting Controller 0.6.1 - User Registration (3)
Username : emailaddress : firstname : milw0rm.com 2005-05-27...
WS_FTP Server vulnerable to buffer overflow when supplied overly long "APPE" command
Overview It has been reported that a vulnerability exists in the processing of a "APPE" command on WSFTP Servers versions 4.x and prior. Exploitation of this vulnerability may lead to an authenticated user executing arbitrary code with the elevated privileges of the server process. Description...
Ecartis HTML Field Manipulation Arbitrary User Password Reset
The remote host is running the Ecartis Mailing List Manager web interface lsg2.cgi. According to its version number, there is a vulnerability that allows an authenticated user to change anyone's password, including the list administrators. An authenticated attacker could exploit this to take...
CGIScript.net - csPassword.cgi 1.0 HTAccess File Modification
CGIScript.net - csPassword.cgi 1.0 HTAccess File Modification source: https://www.securityfocus.com/bid/4888/info CGIScript.net provides various webmaster related tools and is maintained by Mike Barone and Andy Angrick. A vulnerability has been reported in the csPassword.cgi script developed by...
Maxum Rumpus FTP Server 1.3.2/1.3.4/2.0.3 dev - Remote Denial of Service
source: https://www.securityfocus.com/bid/2716/info Rumpus FTP Server is an implementation for MacOS which allows file-sharing across TCP/IP connections. It is possible to log in remotely to the server and shut down the service by making a directory with a name that is 65 characters long. Users...