CVE-2020-26567

An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes...

[RHSA-2003:320-01] Updated httpd packages fix Apache security vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated httpd packages fix Apache security vulnerabilities Advisory ID: RHSA-2003:320-01 Issue date: 2003-12-16 Updated on: 2003-12-16 Product:...

CGIscript.net - csSearch.cgi - Remote Code Execution (up to 17,000 sites vulnerable)

CGIscript.net - csSearch.cgi - Remote Code Execution up to 17,000 sites vulnerable --------------------------------------------------------------------- Name : csSearch.cgi - Remote Code Execution Date : March 25, 2002 Product : csSearch Version : 2.3 vulnerable Vuln Type : Access Validation Erro...

A1Stats Multiple Script Traversal Arbitrary File Access

The 'aldisp.cgi' CGI script was found on this system. This script allows an attacker to view any file on the target computer by making a specially crafted GET request. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

Oracle Webserver PL/SQL Stored Procedure GET Request DoS

It was possible to make the remote web server crash by supplying a too long argument to the cgi /ews-bin/fnord. An attacker may use this flaw to prevent your customers to access your website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc...