9794 matches found
HP OpenView NNM OvWebHelp.exe CGI Topic overflow
Exploit for windows platform in category remote exploits ================================================ HP OpenView NNM OvWebHelp.exe CGI Topic overflow ================================================ !/usr/bin/python Exploit title: HP OpenView NNM OvWebHelp.exe CGI Topic overflow Date:...
HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Topic Overflow
!/usr/bin/python Exploit title: HP OpenView NNM OvWebHelp.exe CGI Topic overflow Date: 2010.03.30 Software link: hp.com Version: 7.53 Tested on: Windows 2003 SP2 CVE: 2009-4178 Code: Trying 172.16.29.130... Connected to 172.16.29.130. Escape character is '^'. Microsoft Windows Version 5.2.3790 C...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Surge-FTP Admin Web interface XSS Vulnerability
Exploit for php platform in category web applications =============================================== Surge-FTP Admin Web interface XSS Vulnerability =============================================== Exploit Title: Surge-FTP Admin Web interface XSS Vulnerability Date: 2010-01-09 Author: FB1H2S...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
eScan MWAdmin Interface Detection
MWAdmin, a web interface included with multiple Linux-based eScan products, was detected on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid45344; scriptversion"1.9"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"eScan MWAdmin Interface...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Trouble Ticket Express fid Parameter Arbitrary Remote Code Execution
The remote host is running Trouble Ticket Express, an open source web-based trouble ticket application written in Perl. At least one module included with the version of Trouble Ticket Express hosted on the remote web server fails to sanitize input to the 'fid' parameter of the 'ttx.cgi' script...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
MDaemon Raw Message Handler Buffer Overflow (CVE-2003-1200)
WorldClient is a program listening on TCP/3000 and executing the CGI program Form2Raw, which processes HTTP requests. The vulnerable products do not require any user credentials to access the program. The specially crafted content will be passed unchecked to the vulnerable server program, MDaemon...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Remote included and local contain vulnerabilities principle-vulnerability warning-the black bar safety net
First, let's discuss the include file vulnerability,the first thing to ask is,what is"remote file inclusion vulnerability"for? The answer is: the server through the php properties of a function to contain any files, since you want to include this file source filter is not strict, so can go to tha...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Debian DSA-1882-1 : xapian-omega - missing input sanitization
It was discovered that xapian-omega, a CGI interface for searching xapian databases, is not properly escaping user-supplied input when printing exceptions. An attacker can use this to conduct cross-site scripting attacks via crafted search queries resulting in an exception and steal potentially...
Debian DSA-1883-1 : nagios2 - missing input sanitising
Several vulnerabilities have been found in nagios2, a host/service/network monitoring and management system. The Common Vulnerabilities and Exposures project identifies the following problems : Several cross-site scripting issues via several parameters were discovered in the CGI scripts, allowing...
Debian DSA-1914-1 : mapserver - several vulnerabilities
Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0843 Missing input validation on a user-supplied map...