CGI bugs

No description provided...

CGI bugs

No description provided...

RXGoogle.CGI 1.02.5 - Cross-Site Scripting

RXGoogle.CGI 1.02.5 - Cross-Site Scripting source: https://www.securityfocus.com/bid/9575/info The rxgoogle.cgi search script is prone to a cross-site scripting vulnerability because the software fails to sanitize user input and allows various metacharacters that may facilitate cross-site scripti...

Leif Wright Web Blog blog.cgi ViewFile Request file Parameter Arbitrary Command Execution

The remote host is running LeifWright's blog.cgi - a CGI designed to handle personal web logs or 'blogs'. There is a bug in this software that could allow an attacker to execute arbitrary commands on the remote web server with the privileges of the web user. %NASLMINLEVEL 70300 C Tenable Network...

PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access

The remote host is running PJreviewneo.cgi - a web-based software. There is a bug in this software which may allow an attacker to read arbitrary files on the remote web server with the privileges of the web user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc...

CGI bugs

No description provided...

ZH2004-02SA (security advisory): PJ CGI Neo review (NeoBoard review) Remote arbitrary file retrieving

ZH2004-02SA security advisory: PJ CGI Neo review NeoBoard review Remote arbitrary file retrieving Published: 29 january 2004 Released: 29 january 2004 Name: PJ CGI Neo review NeoBoard review Affected Systems: Current version Issue: Remote file retrieving Author: Zone-h Security Labs Vendor:...

CVE-2004-2132

Directory traversal vulnerability in PJreviewNeo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. dot dot in the p parameter...

PJ CGI Neo Review - Directory Traversal

source: https://www.securityfocus.com/bid/9524/info It has been reported that PJ CGI Neo Review may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory by using '../' character sequences...

ZH2004-02SA.txt

ZH2004-02SA security advisory: PJ CGI Neo review NeoBoard review Remote arbitrary file retrieving Published: 29 january 2004 Released: 29 january 2004 Name: PJ CGI Neo review NeoBoard review Affected Systems: Current version Issue: Remote file retrieving Author: Zone-h Security Labs Vendor:...

freesco crossite scripting

Crossite scripting in example CGI application...

CGI bugs

No description provided...

Acme thttpd 1.9/2.0.x - CGI Test Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/9474/info thttpd is prone to a cross-site scripting vulnerability in the CGI test script. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link were followed, the hostile...

Directories management bypassing in Goahead webserver <= 2.1.8

Luigi Auriemma Application: Goahead webserver http://www.goahead.com/webserver/webserver.htm Versions: = 2.1.8 Platforms: multiplatform Bug: bypassing of special directories management with the effect of downloading cgi-bin files and more Risk: medium/high Exploitation: remote with browser Date: ...

GoAhead script source leak

It's possible to obtain content of .asp or cgi-bin file by adding special characters to filename...

CGI bugs

No description provided...

CVE-2003-0992

CVE-2003-0992 is a documented cross-site scripting vulnerability in Mailman’s create CGI script, exploitable to steal cookies of other users. Affected versions are Mailman 2.1.x before 2.1.3; the issue is fixed in later releases (e.g., patches included in 2.1.3 and newer). The linked OpenVAS/Ness...

CVE-2003-0965

CVE-2003-0965 is a cross-site scripting (XSS) vulnerability in the Mailman admin CGI script before 2.1.4. The issue allows remote attackers to steal session cookies and perform unauthorized activities via the administrative interface. Affected: Mailman (admin CGI). Root cause: XSS in the admin UI...

CGI bugs

No description provided...

QuikStore Shopping Cart quikstore.cgi template Parameter Traversal Arbitrary File Access

The CGI 'quickstore.cgi' is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the HTTP daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: Tue, 23 Dec 2003 20:27:51 +0800 From: DrPonidi Haryanto Subject:...