9794 matches found
TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability
TPTI-09-10: HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-10 December 9, 2009 -- CVE ID: CVE-2009-4177 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
HP OpenView Network Node Manager CGI programs HTTP Request Buffer Overflow (CVE-2007-6204; CVE-2008-0067)
HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes hundreds of optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. A buffer overflow...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
MediaWiki Language Option PHP Code Execution (CVE-2005-4031)
MediaWiki is a web-based enterprise collaboration platform developed in the PHP scripting language. The software is a set of CGI programs that are loaded and executed by an HTTP server. It typically runs as a document management system, or a knowledge base. The web content of a MediaWiki...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
IBM Lotus Domino Web Service Denial of Service (CVE-2005-0986)
IBM Lotus Domino server software provides messaging, calendar/scheduling and other collaborative applications. A vulnerability exists in IBM's Lotus Domino Web Server, in the HTTP server included with Lotus Domino, specifically in the way it handles Common Gateway Interface CGI requests. The flaw...
[SECURITY] Fedora 10 Update: awstats-6.95-1.fc10
Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers lik...
Dotdefender Remote Command Execution 3.8-5
No description provided by source. Problem Description =================== A remote command execution vulnerability exists in the dotDefender 3.8-5 Site Management. dotDefender 1 is a web application firewall WAF which 'prevents hackers from attacking your website.' Technical Details...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
MDaemon <= 6.8.5 WorldClient form2raw.cgi Stack Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'MDaemon %q...
HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP OpenView Netwo...
Trend Micro OfficeScan Remote Stack Overflow
require 'msf/core' require 'metasm' class Metasploit3 'Trend Micro OfficeScan Remote Stack Overflow', 'Description' = %q This module exploits a stack overflow in Trend Micro OfficeScan cgiChkMasterPwd.exe running with SYSTEM privileges. , 'Author' = 'toto' , 'License' = MSFLICENSE, 'Version' =...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
CGI Generic Local File Inclusion (2nd pass)
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. By leveraging this issue, an attacker may be able to include a local file and disclose its contents, or even execute arbitrary code on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Movable Type mt-check.cgi System Information Disclosure
The Movable Type installation on the remote web server is leaking information via mt-check.cgi. This CGI determines if the Perl modules required by Movable Type are installed, and is only intended to be used prior to installation. It discloses path information, operating system type, Perl version...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
CGI Generic SSI Injection (HTTP headers)
The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings and seem to be vulnerable to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host. %NASLMINLEVEL 70300 C Tenable Network...