CVE-2022-37123

D-link DIR-816 A2v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi...

CVE-2019-9949

Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution as root, starting from a low-privilege user session vulnerability. The cgi-bin/webfilemgr.cgi file allows arbitrary file write by...

ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Persistent Cross-Site Scripting

ZTE Modem ZXDSL 531BIIV7.3.0fD09IN - Persistent Cross-Site Scripting Exploit Title: ZTE Modem Stored XSS Vulnerability Date: 30-10-2014 Exploit Author: Ravi Rajput aka Gr3y n00b IHT team Version: ZXDSL 531BIIV7.3.0fD09IN Software Link:http://wwwen.zte.com.cn Tested on : Windows 7 code : GET...

Serious Remote PHP Bug Accidentally Disclosed

A serious remote-code execution vulnerability in PHP was accidentally disclosed Wednesday, leading to fears of an outbreak of attacks on sites that were built using vulnerable versions of PHP. The bug has been known privately since January when a team of researchers used it in a capture the flag...

CVE-2008-0599

The initrequestinfo function in sapi/cgi/cgimain.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATHTRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. Recent assessments: sulinhyo at March 28, 2022 7:35a...

Mail Machine <= 3.989 Local File Inclusion Exploit

No description provided by source. !/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected]...

The Includer CGI <= 1.0 Remote Command Execution (new version)

No description provided by source. !/usr/bin/perl Target - The Includer CGI = 1.0 Based on - http://www.milw0rm.com/id.php?id=862 Info about bug - Stupid use "Open" function. If you want know more visit our home page at nst.void.ru use IO::Socket; if @ARGV 3 print " \n Includer CGI = 1.0 Network...

phpBB <= 2.0.10 Remote Command Execution Exploit (cgi version)

No description provided by source. !/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $serv = $CGI-param"serv"; $dir = $CGI-param"dir"; $topic = $CGI-param"topic"; $cmd = $CGI-param"cmd"; pri...

Mercantec SoftCart 4.00b CGI Overflow

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)

Mercantec SoftCart 4.00b - CGI Overflow Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mercantec...

CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)

No description provided by source. / ===================================== CCBILL CGI Remote Exploit for /ccbill/whereami.cgi By: Knight420 7/07/03 spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid C COPYRIGHT Blue Ballz , 2003 all...

CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)

Exploit for cgi platform in category web applications ====================================================== CCBILL CGI Remote Exploit for whereami.cgi ccbillx.c ====================================================== / ===================================== CCBILL CGI Remote Exploit for...

CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote Code Execution

/ ===================================== CCBILL CGI Remote Exploit for /ccbill/whereami.cgi By: Knight420 7/07/03 spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid C COPYRIGHT Blue Ballz , 2003 all rights reserved...

Infinity CGI Exploit Scanner Multiple Vulnerabilities

The remote is running Infinity Exploit Scanner, a web-based CGI vulnerability scanner implemented in perl and stored under the name 'nph-exploitscanget.cgi'. There is a flaw in this CGI that lets an attacker execute arbitrary commands on this host. In addition to this, there is a flaw in this CGI...

Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting

Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting source: https://www.securityfocus.com/bid/7910/info Infinity CGI Exploit Scanner is reported to be prone to a cross-site scripting vulnerability. An attacker could exploit this issue to creating a malicious link to a site hosting the softwa...

Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)

source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary...

Oracle Reports Server Buffer Overflow (#NISR12062002B)

NGSSoftware Insight Security Research Advisory Name: Oracle 9iAS Reports Server Systems: All Severity: High Risk Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.oracle.com/ Author: David Litchfield [email protected] Advisory URL:...

IBM Websphere/Net.Commerce 3 - CGI-BIN Macro Denial of Service

source: https://www.securityfocus.com/bid/2588/info Net.Commerce is part of the Websphere platform of products distributed by IBM. Net.Commerce provides several versatile features to facilitate e-commerce, and features in performance and reliability. A problem in the Net.Commerce package could...

ultrascripts ultraboard 1.6 - Directory Traversal

source: https://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows instalations, the file must reside on the same...