9794 matches found
CGI Generic Unseen Parameters Discovery
By sending requests with additional parameters such as 'admin', 'debug', or 'test' to CGI scripts hosted on the remote web server, Nessus was able to generate at least one significantly different response even though the parameters themselves do not actually appear in responses. This behavior...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow
This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53. By sending a specially crafted CGI request to ovalarm.exe, an attacker can execute arbitrary code. This specific vulnerability is due to a call to "sprintfnew" in the "isWide" function within "ovalarm.exe". A...
HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow
$Id: hpnnmovalarmlang.rb 8192 2010-01-22 05:52:53Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
SurgeFTP 2.x - 'surgeftpmgr.cgi' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/37844/info SurgeFTP is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in an administrator's browser session in the conte...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HP OpenView Network Node Manager nnmRptConfig.exe CGI Template Buffer Overflow
Added: 01/09/2010 CVE: CVE-2009-3848 BID: 37296 OSVDB: 60926 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...
HP OpenView Network Node Manager nnmRptConfig.exe CGI Template Buffer Overflow
Added: 01/09/2010 CVE: CVE-2009-3848 BID: 37296 OSVDB: 60926 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Preemptive Protection against HP OpenView Network Node Manager snmp.exe Oid Variable Buffer Overflow Vulnerability
A buffer overflow vulnerability has been reported in HP OpenView Network Node Manager NNM CGI program snmp.exe. The NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running...
CentOS 5 : cups (CESA-2008:0192)
Updated cups packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operatin...
Movable Type Detection
Detection of Movable Type. The script sends a connection request to the server and attempts to extract the version number from the reply. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced source...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Multiple Vendor CUPS Administration Interface CGI Heap Overflow (CVE-2008-0047)
The Common Unix Printing System CUPS is a modular printing system for Unix-like operating systems that allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer. A heap...
CoreHTTP CGI Support Remote Command Execution Vulnerability
CoreHTTP is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected software and possibly the computer. CoreHTTP 0.5.3.1 is vulnerable; other versions may also be affected. OpenVAS...
CoreHTTP CGI Support RCE Vulnerability
CoreHTTP is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
$Id: hpnnmopenview5.rb 7874 2009-12-15 05:41:29Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...