20 matches found
EUVD-2003-1533
Malware in sbrugna...
EUVD-2001-0308
Malware in sbrugna...
EUVD-2000-0768
Malware in sbrugna...
EUVD-2001-0307
Malware in sbrugna...
Bajie HTTP Server 0.95 Example Scripts And Servlets Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8841/info Demonstration scripts and servlets that are distributed as part of Bajie HTTP Server have been reported prone to multiple cross-site scripting vulnerabilities. It has been reported that a remote attacker may...
CVE-2003-1543
CVE-2003-1543 is an XSS vulnerability in Bajie Http Web Server versions 0.95zxe and 0.95zxc (and possibly others) where a remote attacker can inject arbitrary script/HTML via the query string that is reflected in an error message. The cited sources corroborate the vulnerability class (cross-site ...
CVE-2003-1543
Cross-site scripting XSS vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message...
CVE-2000-0773
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack...
CVE-2000-0773
Summary: Bajie HTTP web server 0.30a contains a path traversal vulnerability that allows a remote attacker to read arbitrary files by using a URL containing a dot-dot sequence ("...."). The root cause is insufficient validation of path components in the HTTP request, resulting in potential partia...
CVE-2003-1543
Cross-site scripting XSS vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message...
Bajie HTTP Server 0.95 - Example Scripts and Servlets Cross-Site Scripting
source: https://www.securityfocus.com/bid/8841/info Demonstration scripts and servlets that are distributed as part of Bajie HTTP Server have been reported prone to multiple cross-site scripting vulnerabilities. It has been reported that a remote attacker may construct a malicious link containing...
CVE-2001-0308
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... modified .. to access the file that was created for the program...
CVE-2001-0307
Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist...
CVE-2001-0307
Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist...
CVE-2001-0308
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... modified .. to access the file that was created for the program...
CVE-2001-0308
The CVE-2001-0308 entry affects Bajie HTTP JServer 0.78 (and possibly earlier than 0.80). The vulnerability is in UploadServlet, which lets a remote attacker upload a program and then (via a modified .. path) access the file created for that program to execute arbitrary commands. The connected do...
CVE-2001-0307
CVE-2001-0307 affects Bajie HTTP JServer 0.78 and earlier than 0.80. The vulnerability allows remote command execution via shell metacharacters in an HTTP request for a CGI program that does not exist. NVD lists a CVSS v2 base score of 7.5 (HIGH) with network access, no authentication, and partia...
CVE-2000-0773
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack...
CVE-2000-0774
The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root...
CVE-2000-0774
The CVE-2000-0774 entry concerns Bajie HTTP web server 0.30a, where the sample Java servlet “test” discloses the real pathname of the web document root. The vulnerability is an information disclosure in which an ordinary request to the test servlet reveals server-side directory paths. The connect...