CVE-2019-15051

An issue was discovered in Softing uaGate SI, MB, 840D firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter...

CVE-2010-2364

Cross-site scripting XSS vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-2365

Cross-site scripting XSS vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-2366

Cross-site scripting XSS vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-9184

ZTE ZXDSL 831CII allows remote attackers to bypass authentication via a direct request to 1 main.cgi, 2 adminpasswd.cgi, 3 userpasswd.cgi, 4 upload.cgi, 5 conprocess.cgi, or 6 connect.cgi...

CVE-2010-4731

Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a...

CVE-2025-44882

A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input...

CVE-2008-4560

HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via 1 a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or 2 a crafted parameter in a request to the ovlaunch.exe CGI program,...

CVE-2008-4559

HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the 1 webappmon.exe or 2 OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205...

CVE-2009-1590

Unspecified vulnerability in CGI RESCUE FORM2MAIL before 1.42 allows remote attackers to send email to arbitrary recipients via a web form...

CVE-2002-2011

Cross-site scripting XSS vulnerability in the fom CGI program fom.cgi in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter...

CVE-2002-1986

Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot "."...

CVE-2002-1938

Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the 1 tar TARGET or 2 zielport ZIELPORT parameters...

CVE-2002-1854

Rlaj whois CGI script whois.cgi 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field...

CVE-2008-7120

SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter...

CVE-2009-1589

Unspecified vulnerability in CGI RESCUE MiniBBS22 before 1.01 allows remote attackers to send email to arbitrary recipients via unknown vectors...

CVE-1999-0236

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs...

CVE-1999-0605

An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information...

CVE-1999-0191

IIS newdsn.exe CGI script allows remote users to overwrite files...

CVE-1999-0146

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file...