20 matches found
EUVD-2020-21440
Malware in sbrugna...
EUVD-2016-6021
Malware in sbrugna...
CVE-2014-9184
ZTE ZXDSL 831CII allows remote attackers to bypass authentication via a direct request to (1) main.cgi, (2) adminpasswd.cgi, (3) userpasswd.cgi, (4) upload.cgi, (5) conprocess.cgi, or (6) connect.cgi...
Webmin CRLF Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Webmin. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of CGI requests. The issue results from the lack of proper neutralization of CRLF sequences...
CVE-2024-12828
CVE-2024-12828 affects Webmin CGI handling, where unsanitized user input in CGI requests leads to command injection and remote code execution in the root context. The issue arises from improper validation before executing system calls. Public sources (including NVD, OSV, CIRCL, and related adviso...
Webmin CGI Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of CGI requests. The issue results from the lack of proper validation of a user-supplied...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Privoxy vulnerabilities (USN-4886-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4886-1 advisory. It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of...
USN-4886-1: Privoxy vulnerabilities
It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20213, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, CVE-2021-20272,...
PT-2021-13864 · Privoxy +4 · Privoxy +4
Name of the Vulnerable Software and Affected Versions: privoxy versions prior to 3.0.32 Description: A flaw was found in the software, allowing an assertion failure to be triggered with a crafted CGI request, leading to a server crash. This issue can be exploited by attackers to cause a denial of...
Privoxy Security Vulnerability
Privoxy is a proxy server from the Privoxy team in the USA that does not cache web pages and comes with its own filtering features. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove advertisements and other annoying Internet...
UBUNTU-CVE-2021-20217
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability...
CVE-2017-5633
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs...
IBM Lotus Domino Web Service Denial of Service (CVE-2005-0986)
IBM Lotus Domino server software provides messaging, calendar/scheduling and other collaborative applications. A vulnerability exists in IBM's Lotus Domino Web Server, in the HTTP server included with Lotus Domino, specifically in the way it handles Common Gateway Interface (CGI) requests. The flaw...
CVE-2009-2300
The management interface in the phion airlock Web Application Firewall (WAF) 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause a denial of service (resource consumption) via...
CVE-2009-2300
The management interface in the phion airlock Web Application Firewall (WAF) 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause a denial of service (resource consumption) via...
CVE-2008-3862
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to...
CVE-2008-3862
Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to...
Power Up HTML 0.8033 Beta - Directory Traversal Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/3304/info Power Up HTML is a set of HTML-like commands that can be placed into web pages. It provides a central routing point to simplify programming and customization of CGI scripts. A vulnerability exists in Power Up HTML which allows directory traversa...
hp.vvos.tgad.dos.txt
TGAD DoS VirtualVault Overview The VirtualVault operating system is HP's solution to secure electronic commerce. It is a B1 and B2 DoD compliant system that is becoming increasingly popular with big business, banks, etc., The main security mechanism in which VVOS is based upon is data partitionin...
solarisab2.txt
Date: Sun, 23 Aug 1998 21:02:30 -0700 From: Marc Slemko Subject: Solaris ab2 web server is junk For anyone who didn't figure out in the first two seconds after installing Solaris that running Sun's (well, ok, it is some third party server but Sun is licensing it) answerbook web server is silly, now...