9791 matches found

GithubExploit
added 2022/09/15 12:15 p.m. · 598 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution cve-20...

9.8 CVSS · 9.4 AI score · 0.99964 EPSS
Exploits: 62

GithubExploit
added 2022/09/15 11:28 a.m. · 1674 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution cve-20...

9.8 CVSS · 9.4 AI score · 0.99964 EPSS
Exploits: 62

GithubExploit
added 2022/09/15 9:38 a.m. · 1036 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 CVE-2021-41773 POC with Docker Configurati...

7.5 CVSS · 8.6 AI score · 0.99992 EPSS
Exploits: 148

GithubExploit
added 2022/09/15 9:36 a.m. · 361 views

Exploit for Path Traversal in Apache Http_Server

This is a PoC exploit for CVE-2021-41773 and CVE-2021-42013, whi...

9.8 CVSS · 10 AI score · 0.99992 EPSS
Exploits: 173

GithubExploit
added 2022/09/15 9:27 a.m. · 5 views

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Path traversal and file disclosure vulnerabilit...

7.5 CVSS · 9 AI score · 0.99992 EPSS
Exploits: 148

GithubExploit
added 2022/09/15 9:08 a.m. · 341 views

Exploit for Path Traversal in Apache Http_Server

This is a PoC exploit for CVE-2021-41773, a remote code executio...

7.5 CVSS · 9.6 AI score · 0.99992 EPSS
Exploits: 148

Tenable Nessus
added 2022/09/15 12:00 a.m. · 48 views

Oracle Linux 8 : ruby:3.0 (ELSA-2022-6450)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6450 advisory. - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 Tenable has extracted the preceding description block directly from the Oracle Linux...

9.8 CVSS · 7.4 AI score · 0.0387 EPSS
Exploits: 2 · References: 5

Tenable Nessus
added 2022/09/15 12:00 a.m. · 69 views

Oracle Linux 8 : ruby:2.7 (ELSA-2022-6447)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6447 advisory. - Fix regular Expression Denial of Service Vulnerability of Date Parsing Methods. Resolves: CVE-2021-41817 - Fix cookie prefix spoofing in...

7.5 CVSS · 7.4 AI score · 0.0387 EPSS
Exploits: 2 · References: 4

Rockylinux
added 2022/09/13 7:36 a.m. · 40 views

ruby:3.0 security, bug fix, and enhancement update

An update is available for rubygem-mysql2, rubygem-pg, rubygem-abrt, ruby. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Ruby is an extensible, interpreted,...

9.8 CVSS · 8.2 AI score · 0.0387 EPSS
Exploits: 2

Tenable Nessus
added 2022/09/13 12:00 a.m. · 47 views

RHEL 8 : ruby:2.7 (RHSA-2022:6447)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6447 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.5 CVSS · 7.3 AI score · 0.0387 EPSS
Exploits: 2 · References: 10

Openbugbounty
added 2022/09/11 9:58 p.m. · 11 views

cgi.www5b.biglobe.ne.jp Cross Site Scripting vulnerability OBB-2914544

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0

OSV
added 2022/09/08 8:15 a.m. · 5 views

CVE-2022-38400

Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a user of the product access a specially crafted URL...

5.9 CVSS · 5.8 AI score · 0.01199 EPSS
Exploits: 1 · References: 4

Prion
added 2022/09/08 8:15 a.m. · 16 views

Input validation

Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a user of the product access a specially crafted URL...

2.6 CVSS · 5.7 AI score · 0.01199 EPSS
Exploits: 1 · References: 4 · Affected Software: 1

Cvelist
added 2022/09/08 7:10 a.m. · 19 views

CVE-2022-38400

Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a user of the product access a specially crafted URL...

5.9 AI score · 0.01199 EPSS
Exploits: 1 · References: 4

CVE
added 2022/09/08 7:10 a.m. · 51 views

CVE-2022-38400

CVE-2022-38400 affects Mailform Pro CGI 4.3.1 and earlier. The root cause is the Thanks module saving user input data for a short window (default 30 seconds), enabling a remote unauthenticated attacker to access a specially crafted URL and disclose user input data. Impact is information disclosur...

5.9 CVSS · 5.7 AI score · 0.01199 EPSS
Exploits: 1 · References: 4 · Affected Software: 1

IBM Security Bulletins
added 2022/09/08 12:09 a.m. · 72 views

Security Bulletin: Redirect HTTP traffic vulnerability may affect IBM HTTP Server (CVE-2016-5387)

Summary There is a vulnerability that allows redirecting of HTTP traffic with CGI applications that may affect IBM HTTP Server IHS. This vulnerability is known as "HTTPOXY". Vulnerability Details CVEID: CVE-2016-5387 DESCRIPTION: Apache HTTP Server could allow a remote attacker to redirect HTTP...

8.1 CVSS · 8 AI score · 0.55724 EPSS
Exploits: 0 · Affected Software: 2

Positive Technologies
added 2022/09/08 12:00 a.m. · 4 views

PT-2022-24408 · Unknown · Mailform Pro Cgi

Name of the Vulnerable Software and Affected Versions: Mailform Pro CGI versions 4.3.1 and earlier Description: The issue allows a remote unauthenticated attacker to obtain user input data by accessing a specially crafted URL. Recommendations: For Mailform Pro CGI versions 4.3.1 and earlier, at t...

5.9 CVSS · 5.6 AI score · 0.01199 EPSS
Exploits: 1 · References: 8

OSV
added 2022/09/06 5:15 p.m. · 2 views

CVE-2022-37840

In TOTOLINK A860R V4.1.2cu.5182B20201027, the main function in downloadfile.cgi has a buffer overflow vulnerability...

9.8 CVSS · 6.1 AI score · 0.00775 EPSS
Exploits: 0 · References: 1

CNNVD
added 2022/09/06 12:00 a.m. · 5 views

TOTOLINK A860R Security Vulnerability

TOTOLINK A860R is a dual-band wireless router with a maximum transmission rate of 1200Mbps, 6-antenna dual-band concurrent technology, and support for remote management by mobile APP, which is suitable for small and medium-sized enterprises and home network environments. TOTOLINK A860R suffers fr...

9.8 CVSS · 7.8 AI score · 0.015 EPSS
Exploits: 0 · References: 2

Japan Vulnerability Notes
added 2022/09/05 6:22 a.m. · 1 views

SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains an information disclosure vulnerability CWE-200. Thanks module of this product saves user input data for a certain period of time. The time is set to 30 seconds by default in configs/thanks.cgi file. To exploit this vulnerability, it is...

5.9 CVSS · 6.1 AI score · 0.01199 EPSS
Exploits: 1 · References: 7