9795 matches found
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution
Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE: CVE-2010-1555 Code : !/usr/bin/python import struct import socket import httplib import urllib eh =...
HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE: CVE-2010-1553 Code : !/usr/bin/python import struct import socket import httplib import urllib calc.exe...
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE: CVE-2010-1554 Code : !/usr/bin/python import struct import socket import httplib import urllib calc.exe...
HP OpenView Network Node Manager (OV NNM) - 'connectedNodes.ovp'l Remote Command Execution (Metasploit)
$Id: openviewconnectednodesexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
$Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
QuickTime Streaming Server - 'parse_xml.cgi' Remote Execution (Metasploit)
$Id: qtssparsexmlexec.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)
$Id: awstatsmigrateexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2010-2626
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party information...
Information disclosure
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party information...
CVE-2010-2626
CVE-2010-2626 affects Miyabi CGI Tools SEO Links 1.02. The flaw is in index.pl where the fn parameter can be exploited with shell metacharacters to execute remote commands, enabling arbitrary command execution. This is a remote, unauthenticated risk with network access and impacts confidentiality...
CVE-2010-2626
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party information...
DEBIAN-CVE-2010-2480
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting XSS protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element...
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager OV NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE:...
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager OV NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE:...
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager OV NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE:...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
PT-2010-4051 · Python · Mako
Name of the Vulnerable Software and Affected Versions: Mako versions prior to 0.3.4 Description: The issue makes it easier for remote attackers to conduct cross-site scripting XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element. This ...