730 matches found
[Full-disclosure] Local user to root escalation in apache 1.3.34 (Debian only)
Version 1.3.34-4 of Apache in the Debian Linux distribution contains a hole that allows a local user to access a root shell if the webserver has been restarted manually. This bug does not exist in the upstream apache distribution, and was patched in specifically by the Debian distribution. The bu...
AWStats configdir Remote Command Execution
This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...
Apache 2.2.2 - CGI Script Source Code Information Disclosure
source: https://www.securityfocus.com/bid/19447/info Apache is prone to an information-disclosure vulnerability because it fails to properly handle exceptional conditions. An attacker can exploit this issue to retrieve script source code. Information obtained may aid in further attacks. Versions...
TWiki configure Script Arbitrary Command Execution
The version of TWiki installed on the remote host uses an unsafe 'eval' in the 'bin/configure' script that can be exploited by an unauthenticated attacker to execute arbitrary Perl code subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2006-3207
Directory traversal vulnerability in newpost.php in Ultimate PHP Board UPB 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot sequence and trailing null %00 byte in the id parameter, as demonstrated by injecting a Perl CGI script using "NR" sequences in the...
ishopcart cgi 0day and multiple vulnerabilities
Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...
WebGUI < 6.7.6 arbitrary command execution
The remote web server contains a CGI script that is prone to arbitrary code execution. Description : The remote host is running WebGUI, a content management system from Plain Black Software. The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the OpenVAS...
Edgewall Software Trac SQL injection flaw
The remote web server contains a CGI script that is affected by a SQL injection flaw. Description: The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in python. The remote version of this software is prone to a SQL injection flaw...
CORE-2006-0124: Cross-Site Scripting in Verisign’s haydn.exe CGI script
Core Security Technologies - Corelabs Advisory http://www.coresecurity.com/corelabs/ Cross-Site Scripting in Verisign’s haydn.exe CGI script Date Published: 2006-03-20 Last Update: 2006-03-20 Advisory ID: CORE-2006-0124 Bugtraq ID: None currently assigned CVE Name: None currently assigned Title:...
Cross-Site Scripting in Verisign’s haydn.exe CGI script
Date Published: 2006-03-20 Last Update: 2006-03-20 Advisory ID: CORE-2006-0124 Bugtraq ID: 17170 CVE Name: CVE-2006-1344 Title: Cross-Site Scripting in Verisign’s haydn.exe CGI script Class: Input Validation Error Remotely Exploitable: Yes Locally Exploitable: No Advisory...
Acme thttpd < 2.26 htpasswd Utility Overflow
Binary data 3463.prm...
perl-cal-29920.txt
------=Part1714122617522.1134045408185 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Vendor: Perl-Cal Version tested: Perl-Cal 2.99.20 , other versions may also be affected. Type: Cross Site Scripting Severity: Medium...
Webnews.exe Buffer Overflow Vulnerability
The remote host appears to be running WebNews, which offers web-based access to Usenet news. This CGI script suffers from a buffer overflow vulnerability. SPDX-FileCopyrightText: 2003 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Apache <= 1.3.33 htpasswd local overflow
The remote host appears to be running Apache 1.3.33 or older. There is a local buffer overflow in the 'htpasswd' command in these versions that may allow a local user to gain elevated privileges if 'htpasswd' is run setuid or a remote user to run arbitrary commands remotely if the script is...
bizdb1-search.cgi located
One of the BizDB scripts, bizdb-search.cgi, passes a variable SPDX-FileCopyrightText: 2000 Roelof Temmingh Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
webspirs.cgi
The remote web server contains a CGI script that is prone to information disclosure. Description : The remote host is running WebSPIRS, SilverPlatter SPDX-FileCopyrightText: 2001 Laurent Kitzinger Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Apache HTTP Server Remote Command Execution via .bat files
The Apache HTTP Server 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server although it is reported that any .bat file could open this vulnerability. SPDX-FileCopyrightText: 2002 Matt Moore Some text...
guestbook.pl
The SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10099";...
AlienForm CGI Script Directory Traversal Vulnerability (Jun 2002) - Active Check
The AlienForm CGI script is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2002 Andrew Hintz http://guh.nu Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
WebGUI < 6.7.6 Asset.pm Asset Addition Arbitrary Code Execution
The remote host is running WebGUI, a content management system from Plain Black Software. The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the 'class' variable to various sources before using it to run commands. By leveraging this flaw, an attacker may ...