Lucene search
K

40 matches found

Tenable Nessus
Tenable Nessus
added 2003/03/24 12:0 a.m.38 views

Adcycle build.cgi Remote Password Disclosure

The CGI 'build.cgi' is installed. This CGI has a well known security flaw that lets an attacker obtain the password of the remote AdCycle database or delete databases. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS5.5AI score0.01387EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/03/23 12:0 a.m.175 views

Matt Wright textcounter.pl Arbitrary Command Execution

The CGI 'textcounter' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...

10CVSS5.9AI score0.1187EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2002/10/25 12:0 a.m.38 views

virgil.txt

-----BEGIN PGP SIGNED MESSAGE----- - - -------------------------------------------------------------------------- KALIF research group [email protected] October 21st, 2002 Joschka Fischer - - -------------------------------------------------------------------------- - - Overview Software : Virgi...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/07/26 12:0 a.m.31 views

CGI bugs

No description provided...

1.4AI score
Exploits0References3Affected Software3
securityvulns
securityvulns
added 2002/07/11 12:0 a.m.56 views

Lil'HTTP Pbcgi.cgi XSS Vulnerability

Recently, I reported on a vulnerability in the Urlcount.cgi script of Lil'HTTP Server Summit Computer Networks. This time, another CGI pbcgi.cgi has been found vulnerable to cross-site scripting. Some versions of this CGI will take the form input you POST/GET to it, and break it into name/e-mail...

0.3AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.18 views

CVE-2001-1241

Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "!" and the desired program name...

7.7AI score0.0387EPSS
Exploits0References6
securityvulns
securityvulns
added 2001/10/16 12:0 a.m.66 views

Дырки в Interscan VirusWall, OfficeScan, Virus Buster (remote execution, buffer overflow)

Возможно запустить удаленно несколько CGI имеющих переполнения буфера...

5.1AI score
Exploits0References8Affected Software4
securityvulns
securityvulns
added 2001/05/24 12:0 a.m.48 views

Очередные дырки в CGI

No description provided...

0.9AI score
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2001/05/10 12:0 a.m.17 views

PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read

The 'calmake.pl' cgi is installed on the remote host. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the http daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

5CVSS5.5AI score0.03757EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2001/02/15 12:0 a.m.35 views

W3.org Anaya Web sendtemp.pl 'templ' Parameter Traversal Arbitrary File Access

The 'sendtemp.pl' CGI is installed. This CGI has a well known security flaw that allows an attacker read arbitrary files with the privileges of the HTTP daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10614;...

5CVSS5.7AI score0.03114EPSS
Exploits1References1
securityvulns
securityvulns
added 2001/02/02 12:0 a.m.214 views

SUBMISSION - multiple vulnerabilities in Prospero 1.3.5 CGI

= Warped Force Advisory = Author: darkyoda [email protected] Subject: Multiple vulnerabilities in Prospero 1.3.5 CGI Discovered: 12.15.00 Announced: 2.1.01 Vendor Status: Maintainer notified 12.27.00. New version released. Current version is 1.3.7 Platforms: Any web server capable of running...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.20 views

ezmlm-cgi/ezmlm-idx-0.40 security advisory

Summary: ezmlm-cgi is part of the ezmlm-idx-0.40.tar.gz package and allows web access to mailing list archives. When ezmlm-cgi is installed SUID user other than root, it can be used to execute arbitrary commands with the effective uid of the SUID user. Scope: Default installations of ezmlm-idx-0....

0.1AI score
Exploits0
securityvulns
securityvulns
added 2000/08/31 12:0 a.m.35 views

News Publisher CGI Vulnerability

Product: News Publisher Versions: Tested v1.05, 1.05a, 1.05b and 1.06 newest OS: Unix and Winnt Vendor: Notified Web Site: www.gwscripts.com The Problem, yet again CGI authors use nested IF statements to decide what action to take upon and incoming request. This time the problem allows ppl to add...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2000/08/14 12:0 a.m.43 views

wais.pl.advisory.txt

Wais.pl parameter passing security problem + Another fine advisory by Scrippie |============================================| Cheers to: zsh, Synnergy, phreak.nl | Lots of Love to: Maja, Hester | --- The CGI --- The wais.pl CGI written by Tony Sanders provides means to access the waisq WAIS...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/12/15 12:0 a.m.204 views

Lincoln D. Stein nph-publish.cgi pathname Parameter Traversal Arbitrary File Write

The 'nph-publish.cgi' is installed. This CGI has a well known security flaw that lets an attacker to execute arbitrary commands with the privileges of the HTTP daemon usually root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details...

5CVSS6AI score0.02881EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/08/20 12:0 a.m.81 views

Excite for Web Server architext_query.pl Shell Metacharacter Arbitrary Command Execution

Excite for Webservers is installed. This CGI has a well-known security flaw that lets a remote attacker execute arbitrary commands with the privileges of the web server. Versions newer than 1.1. are patched. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

7.5CVSS5.9AI score0.03919EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.117 views

IRIX webdist.cgi Arbitrary Command Execution

The 'webdist.cgi' CGI is installed. This script has a well-known security flaw that lets anyone execute arbitrary commands with the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS7.7AI score0.16209EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.56 views

Multiple Vendor phf CGI Arbitrary Command Execution

The 'phf' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

10CVSS5.8AI score0.86871EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.22 views

Miva htmlscript Traversal Arbitrary File Access

The 'htmlscript' cgi is installed. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the HTTP daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

5CVSS5.4AI score0.05853EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 1999/06/22 12:0 a.m.24 views

PHP/FI php.cgi Traversal Arbitrary File Access

'php.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10177;...

10CVSS8.5AI score0.06117EPSS
Exploits0References1
Rows per page
Query Builder