340 matches found
CVE-2000-0208
The htdig ht://Dig CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks in parameters to htsearch...
Re: Denial of Service in Xitami webserver all versions...
Xitami also has an overflow in one of the default example CGI programs that it comes with. http://server.com/cgi-bin/TESTCGI.EXE bla bla bla overflow argv fun. Signed, Marc eEye Digital Security http://www.eEye.com "Its a bullshit, three ring, circus sideshow. The only way to fix it is to flush i...
CVE-2000-0039
CVE-2000-0039 affects AltaVista search engine via a directory traversal vulnerability in the query.cgi CGI program, allowing remote attackers to read files above the document root by exploiting a .. (dot dot) parameter. The issue is documented across multiple sources (NVD, CVE List, Nessus listin...
CVE-2000-0192
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpmquery, which allows remote attackers to determine what packages are installed on the system...
CVE-2000-0122
CVE-2000-0122 affects FrontPage Server Extensions. A remote attacker can determine the physical path of a virtual directory by issuing a GET to htimage.exe, leading to information disclosure about server layout. The provided records do not specify affected versions, exact vulnerable component det...
CVE-2000-0074
PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions...
CVE-1999-0287
Technical details for CVE-1999-0287 are not publicly provided in the connected documents. No confirmed affected versions, root cause, or fixes are disclosed here. Monitor for updates from vendors and security advisories.
CVE-1999-0604
The CVE-1999-0604 entry refers to an incorrect configuration in the WebStore 1.0 shopping cart CGI program (web_store.cgi) that could disclose private information. Connected sources (Red Hat CVE page, CVE lists, EUVD entry) corroborate the same description. No patches or remediation details are p...
CVE-1999-0604
An incorrect configuration of the WebStore 1.0 shopping cart CGI program "webstore.cgi" could disclose private information...
CVE-1999-0605
Technical details for CVE-1999-0605 are not publicly available in the provided documents. Monitor for updates.
CVE-1999-0606
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information...
CVE-1999-0283
The Java Web Server would allow remote users to obtain the source code for CGI programs...
CVE-1999-0951
Vulnerability summary (CVE-1999-0951): The OmniHTTPd CGI program imagemap.exe is affected by a remote buffer overflow in its /cgi-bin/imagemap.exe CGI. This can allow a remote attacker to execute arbitrary commands with the web server’s privileges (typically nobody or root). The issue is exploit...
Omnicron OmniHTTPd 1.12.4 Pro - Remote Buffer Overflow
Omnicron OmniHTTPd 1.12.4 Pro - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/739/info There is a remotely exploitable buffer overflow vulnerability in the CGI program "imagemap", which is distributed with Omnicron's OmniHTTPD. During operations made on arguments passed to t...
CVE-1999-0264
htmlscript CGI program allows remote read access to files...
CVE-1999-0260
The jj CGI program allows command execution via shell metacharacters...
CVE-1999-0148
The IRIX environment is affected by CVE-1999-0148 due to the installed /cgi-bin/handler CGI, which has a well-known flaw that allows arbitrary command execution. The vulnerability can execute commands with the privileges of the HTTP daemon (root or nobody). Documents consistently describe it as r...
CVE-1999-0174
Consolidated: CVE-1999-0174 is a traversal flaw in the view_source CGI that allows remote attackers to read arbitrary files via a .. sequence. Affected component: the view_source CGI program; root cause: directory traversal; impact: partial confidentiality. No patch/version details are provided i...
CVE-1999-0146
The CVE-1999-0146 entry refers to the campas CGI program shipped with some NCSA httpd servers. The root cause is improper sanitization of user input in the campas CGI, enabling an attacker to execute arbitrary commands via encoded carriage return characters in the query string, demonstrated by re...