9774 matches found
CGI bugs
No description provided...
CGI::Lite protection bypass
Not all dangerous shell characters are filtered by CGI::Lite::escapedangerouschars...
Security bug in CGI::Lite::escape_dangerous_chars() function
SUBJECT Security bug in CGI::Lite::escapedangerouschars function, part of the CGI::Lite 2.0 package, and earlier revisions thereof. SUMMARY The CGI::Lite::escapedangerouschars function fails to escape the entire set of special characters that may have significance to the underlying shell command...
CGI bugs
No description provided...
CVE-2003-0057
Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code 1 via a long attachment filename that is not properly handled by the hypermail executable, or 2 by connecting to the mail CGI program from an IP address...
CGI bugs
No description provided...
Hypermail buffer overflows
Hypermail buffer overflows PROGRAM: Hypermail HOMEPAGE: http://www.hypermail.org/ SOURCEFORGE PAGE: http://sourceforge.net/projects/hypermail/ VULNERABLE VERSIONS: 2.1.3, 2.1.4, 2.1.5, possibly others IMMUNE VERSIONS: 2.1.6 DESCRIPTION: "Hypermail 2 is a much enhanced version of the popular tool...
CGI bugs
No description provided...
Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
source: https://www.securityfocus.com/bid/6616/info A vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation. http://x.x.x.x/officescan/cgi/cgiMasterPwd.exe...
Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions source: https://www.securityfocus.com/bid/6616/info A vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation...
CGI bugs
No description provided...
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)
source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary...
XSS (Cross Site Scripting) on FormMail.CGI
Topic: XSS Cross Site Scripting on FormMail.CGI Version: 1.92 Released: April 21, 2002 Manufacturer: http://www.scriptarchive.com/formmail.html By XyborG - [email protected] - http://www.rzweb.com.ar/ Formmai.cgi, it is a utility that serves to send forms by email, among other uses. The operatio...
CGI bugs
No description provided...
Multiple cgihtml bugs
Temporary files problem, Content-Length DoS, buffer overflows...
CGI bugs
No description provided...
Smart Search 4.25 - Remote Command Execution
Smart Search 4.25 - Remote Command Execution source: https://www.securityfocus.com/bid/7133/info A vulnerability has been discovered in the Smart Search CGI script. Due to insufficient sanitization of user-supplied URI parameters, it may be possible for an attacker to execute arbitrary commands o...
Smart Search 4.25 - Remote Command Execution
source: https://www.securityfocus.com/bid/7133/info A vulnerability has been discovered in the Smart Search CGI script. Due to insufficient sanitization of user-supplied URI parameters, it may be possible for an attacker to execute arbitrary commands on a target system. All commands executed in...
CVE-2002-1938
Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the 1 tar TARGET or 2 zielport ZIELPORT parameters...
CVE-2002-1635
The Apache configuration file httpd.conf in Oracle 9i Application Server 9iAS uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin...