9794 matches found

Packet Storm
added 2009/12/31 12:0 a.m., 50 views

QuickTime Streaming Server parse_xml.cgi Remote Execution

$Id: qtssparsexmlexec.rb 7776 2009-12-09 15:13:35Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.5 CVSS, 0.68858 EPSS
Exploits: 3

Packet Storm
added 2009/12/31 12:0 a.m., 57 views

HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' class Metasploit3 'HP...

10 CVSS, 1 AI score, 0.73694 EPSS
Exploits: 5

seebug.org
added 2009/12/30 12:0 a.m., 82 views

CoreHTTP Arbitrary Command Execution Vulnerability

No description provided by source. Package name: CoreHTTP server Version: 0.5.3.1 and below as long as cgi support is enabled Software URL: http://corehttp.sourceforge.net/ Exploit: http://aconole.brad-x.com/programs/corehttpcgienabled.rb Issue: CoreHTTP server fails to properly sanitize input...

7.1 AI score
Exploits: 0

securityvulns
added 2009/12/29 12:0 a.m., 31 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS, 1.6 AI score, 0.01089 EPSS
Exploits: 0, References: 5, Affected Software: 3

seebug.org
added 2009/12/28 12:0 a.m., 11 views

php CGI-SAPI 4.3.0 Code Execution Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0

Exploit DB
added 2009/12/26 12:0 a.m., 48 views

AWStats 6.1 < 6.2 - 'configdir' Remote Command Execution (Metasploit)

$Id: awstatsconfigdirexec.rb 7970 2009-12-26 03:31:20Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.5 CVSS, 6.6 AI score, 0.74941 EPSS
Exploits: 11

seebug.org
added 2009/12/25 12:0 a.m., 15 views

CoreHTTP CGI Support Remote Command Execution Vulnerability

BUGTRAQ ID: 37454 CoreHTTP is a small web server. The http.c file of the CoreHTTP server calls popen without properly filtering user input, which allows an attacker to execute arbitrary commands using a standard web browser: /* escape the url for " and \ since we use it in popen */ for (i = 0; i < PATHSIZE; i++) { if (url[i] == '\0') break; else if (url[i] == '\\' || url[i] == '"' || url[i] == '\'') { find = url + i; strcpy(temp, find);...

6.7 AI score
Exploits: 0

Check Point Advisories
added 2009/12/23 12:0 a.m., 4 views

Update Protection against HP OpenView Network Node Manager ovlogin.exe Buffer Overflow

A buffer overflow vulnerability exists in HP OpenView Network Node Manager NNM. The vulnerability is due to a boundary error in ovlogin.exe, the login process of a CGI application shipped with OpenView NNM. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP...

10 CVSS, 7.7 AI score, 0.1387 EPSS
Exploits: 1

securityvulns
added 2009/12/23 12:0 a.m., 31 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 3, Affected Software: 3

exploitpack
added 2009/12/23 12:0 a.m., 23 views

CoreHTTP 0.5.3.1 - CGI Arbitrary Command Execution

CoreHTTP 0.5.3.1 - CGI Arbitrary Command Execution Package name: CoreHTTP server Version: 0.5.3.1 and below as long as cgi support is enabled Software URL: http://corehttp.sourceforge.net/ Exploit: http://aconole.brad-x.com/programs/corehttpcgienabled.rb Issue: CoreHTTP server fails to properly...

0.4 AI score
Exploits: 0

Packet Storm
added 2009/12/23 12:0 a.m., 1876 views

CoreHTTP 0.5.3.1 Command Execution

MSF Exploit for CoreHTTP CGI Enabled Remote Arbitrary Command Execution CoreHTTP fails to properly sanitize user input before passing it to popen, allowing anyone with a web browser to run arbitrary commands. No CVE for this yet. require 'msf/core' class Metasploit3 'corehttp remote command...

7.4 AI score
Exploits: 0

Exploit DB
added 2009/12/23 12:0 a.m., 620 views

CoreHTTP 0.5.3.1 - 'CGI' Arbitrary Command Execution

Package name: CoreHTTP server Version: 0.5.3.1 and below as long as cgi support is enabled Software URL: http://corehttp.sourceforge.net/ Exploit: http://aconole.brad-x.com/programs/corehttpcgienabled.rb Issue: CoreHTTP server fails to properly sanitize input before calling popen and allows an...

7.4 AI score
Exploits: 0

Saint
added 2009/12/22 12:0 a.m., 32 views

HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow

Added: 12/22/2009 CVE: CVE-2009-4179 BID: 37261 OSVDB: 60930 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the ovalarm.exe CGI program allows command execution when an attacker sends an HTTP request to this...

10 CVSS, 6.9 AI score, 0.66973 EPSS
Exploits: 8

securityvulns
added 2009/12/22 12:0 a.m., 31 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.8 CVSS, 1.6 AI score, 0.01258 EPSS
Exploits: 2, References: 3, Affected Software: 2

seebug.org
added 2009/12/21 12:0 a.m., 18 views

lighttpd 1.3.7 Remote CGI Script Source Code Disclosure Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0

securityvulns
added 2009/12/21 12:0 a.m., 47 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS, 1.6 AI score, 0.03285 EPSS
Exploits: 2, References: 7, Affected Software: 6

securityvulns
added 2009/12/17 12:0 a.m., 68 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 4, Affected Software: 4

securityvulns
added 2009/12/16 12:0 a.m., 87 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

9 CVSS, 1.6 AI score, 0.11477 EPSS
Exploits: 11, References: 3, Affected Software: 3

Metasploit
added 2009/12/15 5:41 a.m., 47 views

HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

10 CVSS, 7.9 AI score, 0.69613 EPSS
Exploits: 9

securityvulns
added 2009/12/15 12:0 a.m., 32 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.5 CVSS, 1.6 AI score, 0.03306 EPSS
Exploits: 8, References: 12, Affected Software: 8