Lucene search
K

26 matches found

seebug.org
seebug.org
added 2008/03/15 12:0 a.m.48 views

Adobe ColdFusion多个跨站脚本及无效日志漏洞

BUGTRAQ ID: 28205,28207 CVECAN ID: CVE-2008-0643,CVE-2008-0644,CVE-2008-1203 ColdFusion MX是一款高效的网络应用服务器开发环境,具有很高的易用性和开发效率,基于标准的Java技术,可以与XML、Web Services和Microsoft.NET环境相集成。 如果ColdFusion应用的Application.cfm或Application.cfc包含有setEncoding函数的话,远程攻击者就可以通过提交恶意请求执行跨站脚本攻击。...

7.5CVSS6.4AI score0.15481EPSS
Exploits1
Cvelist
Cvelist
added 2007/09/12 7:0 p.m.26 views

CVE-2007-4727

Buffer overflow in the fcgienvadd function in modproxybackendfastcgi.c in the modfastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...

7.5AI score0.12895EPSS
Exploits1References18
OSV
OSV
added 2007/08/29 12:0 a.m.31 views

DSA-1362-1 lighttpd - several vulnerabilities

Bulletin has no description...

8.3CVSS6AI score0.12895EPSS
Exploits3
Exploit DB
Exploit DB
added 2002/10/23 12:0 a.m.34 views

MyMarket 1.71 - 'Form_Header.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6035/info MyMarket is prone to cross-site scripting attacks. HTML tags and script code are not sanitized from CGI variables which may cause user-supplied input to be displayed. As a result, an attacker can create a link to a site running the vulnerable...

7.4AI score
Exploits0
Debian
Debian
added 2001/12/16 1:42 a.m.17 views

[SECURITY] [DSA-094-1] mailman cross-site scripting problem

Package : mailman Problem type : cross-site scripting hole Debian-specific: no Barry A. Warsaw reported several cross-site scripting security holes in Mailman, due to non-existent escaping of CGI variables. These have been fixed upstream in version 2.0.8, and the relevant patches have been...

5.8AI score
Exploits0
Exploit DB
Exploit DB
added 2000/05/10 12:0 a.m.23 views

Matt Wright FormMail 1.6/1.7/1.8 - Environmental Variables Disclosure

source: https://www.securityfocus.com/bid/1187/info An unauthorized remote user is capable of obtaining CGI environmental variable information from a web server running Matt Wright FormMail by requesting a specially formed URL that specifies the email address to send the details to. This is...

7.4AI score
Exploits0
Rows per page
Query Builder