CGI Helper 1.00 Cross Site Scripting
CGI Helper 1.00 Download: http://www.sourcecodeonline.com/details/cgihelper.html Discovered by: Paulo Santos Contact: [email protected] Blog: http://infocampo.wordpress.com The script CGI Helper 1.00 is vulnerable to XSS. Example: www.site.com/cgi-bin/helper.cgi XSS:...
Web mirroring
This script makes a mirror of the remote web site and extracts the list of CGIs that are used by the remote host. It is suggested that you allow a long-enough timeout value for this test routine and also adjust the setting on the number of pages to mirror. SPDX-FileCopyrightText: 2009 Renaud...
Trend Micro OfficeScan Server cgiRecvFile Buffer Overflow (CVE-2008-2437)
Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on nodes of an enterprise network. The product is a central command centre for...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Mandrake Security Advisory MDVSA-2009:246 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:246. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
SuSE 11 Security Update : nagios (SAT Patch Number 1105)
A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...
SuSE9 Security Update : netpbm (YOU Patch Number 11701)
This update fixes a buffer overflow in the RGBA-palette code. The bug can be abused to trigger a denial-of-service attack by feeding untrusted data to 'pnmtopng -alpha', possibly via a remote service like a CGI, mail user agent, etc. The execution of arbitrary code is theoretically possible but...
SuSE9 Security Update : Perl (YOU Patch Number 12208)
Specially crafted regular expressions could crash perl. CVE-2008-1927 Additionally, a problem in the CGI module was fixed that could result in an endless loop if uploads were cancelled. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...
SuSE9 Security Update : ruby (YOU Patch Number 11442)
The ruby package was updated to fix a denial of service problem in its CGI module when parsing multipart MIME messages. CVE-2006-6303 %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...
Multiple Remote Command Execution vulnerabilities on Avaya Intuity Audix LX (plus some client-side bugs)
It appears that most diagnostic CGI perl scripts that take user-supplied input are vulnerable to Remote Command Execution. These scripts are located on '/html/cswebadm/basic/cgi-bin/'. All the RCE vulnerabilities discovered were tested with an authenticated session using the 'craft' account. Thes...
BRS Webweaver 1.33 /Scripts Access Restriction Bypass Vulnerability
No description provided by source. Name : BRS Webweaver Version 1.33 /Scripts access restriction bypass vulnerability Author : Usman Saeed Company : Xc0re Security Research Group Date : 15/09/09 Homepage : http://www.xc0re.net Download Page : http://www.brswebweaver.com/downloads.html Attack type...
BRS Webweaver 1.33 - Scripts Access Restriction Bypass
BRS Webweaver 1.33 - Scripts Access Restriction Bypass Name : BRS Webweaver Version 1.33 /Scripts access restriction bypass vulnerability Author : Usman Saeed Company : Xc0re Security Research Group Date : 15/09/09 Homepage : http://www.xc0re.net Download Page :...
Debian Security Advisory DSA 1883-2 (nagios2)
The remote host is missing an update to nagios2 announced via advisory DSA 1883-2. OpenVAS Vulnerability Test $Id: deb18832.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1883-2 nagios2 Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
Debian Security Advisory DSA 1883-1 (nagios2)
The remote host is missing an update to nagios2 announced via advisory DSA 1883-1. OpenVAS Vulnerability Test $Id: deb18831.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1883-1 nagios2 Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...