
9794 matches found

Packet Storm
added 2009/10/05 12:00 a.m. | 24 views

CGI Helper 1.00 Cross Site Scripting

CGI Helper 1.00 Download: http://www.sourcecodeonline.com/details/cgihelper.html Discovered by: Paulo Santos Contact: [email protected] Blog: http://infocampo.wordpress.com The script CGI Helper 1.00 is vulnerable to XSS. Example: www.site.com/cgi-bin/helper.cgi XSS:...

Exploits: 0

OpenVAS
added 2009/10/02 12:00 a.m. | 107 views

Web mirroring

This script makes a mirror of the remote web site and extracts the list of CGIs that are used by the remote host. It is suggested that you allow a long-enough timeout value for this test routine and also adjust the setting on the number of pages to mirror. SPDX-FileCopyrightText: 2009 Renaud...

7.3 AI score
Exploits: 0

Check Point Advisories
added 2009/10/01 12:00 a.m. | 5 views

Trend Micro OfficeScan Server cgiRecvFile Buffer Overflow (CVE-2008-2437)

Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on nodes of an enterprise network. The product is a central command centre for...

10 CVSS | 8.1 AI score | 0.06673 EPSS
Exploits: 5

securityvulns
added 2009/09/30 12:00 a.m. | 37 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2009/09/28 12:00 a.m. | 77 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS | 1.6 AI score | 0.02305 EPSS
Exploits: 0 | References: 9 | Affected Software: 5

OpenVAS
added 2009/09/28 12:00 a.m. | 27 views

Mandrake Security Advisory MDVSA-2009:246 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:246. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

7.5 CVSS | 7.6 AI score | 0.0291 EPSS
Exploits: 2 | References: 1

securityvulns
added 2009/09/24 12:00 a.m. | 26 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2009/09/24 12:00 a.m. | 39 views

SuSE 11 Security Update : nagios (SAT Patch Number 1105)

A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...

7.5 CVSS | 5.2 AI score | 0.83453 EPSS
Exploits: 14 | References: 3

Tenable Nessus
added 2009/09/24 12:00 a.m. | 21 views

SuSE9 Security Update : netpbm (YOU Patch Number 11701)

This update fixes a buffer overflow in the RGBA-palette code. The bug can be abused to trigger a denial-of-service attack by feeding untrusted data to 'pnmtopng -alpha' maybe via a remote service like a CGI, mail user agent, etc. The execution of arbitrary code is theoretically possible but...

4.6 CVSS | 6.3 AI score | 0.006 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2009/09/24 12:00 a.m. | 29 views

SuSE9 Security Update : Perl (YOU Patch Number 12208)

Specially crafted regular expressions could crash perl (CVE-2008-1927). Additionally, a problem in the CGI module was fixed that could result in an endless loop if uploads were cancelled. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...

5 CVSS | 5.2 AI score | 0.03153 EPSS
Exploits: 1 | References: 2

Tenable Nessus
added 2009/09/24 12:00 a.m. | 30 views

SuSE9 Security Update : ruby (YOU Patch Number 11442)

The ruby package was updated to fix a denial of service problem in its CGI module when parsing multipart MIME messages (CVE-2006-6303). %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...

5 CVSS | 5.3 AI score | 0.03589 EPSS
Exploits: 1 | References: 2

securityvulns
added 2009/09/23 12:00 a.m. | 26 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0 | References: 3 | Affected Software: 2

securityvulns
added 2009/09/22 12:00 a.m. | 22 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0 | References: 6 | Affected Software: 4

securityvulns
added 2009/09/21 12:00 a.m. | 32 views

Multiple Remote Command Execution vulnerabilities on Avaya Intuity Audix LX (plus some client-side bugs)

It appears that most diagnostic CGI perl scripts that take user-supplied input are vulnerable to Remote Command Execution. These scripts are located on '/html/cswebadm/basic/cgi-bin/'. All the RCE vulnerabilities discovered were tested with an authenticated session using the 'craft' account. Thes...

2.4 AI score
Exploits: 0

securityvulns
added 2009/09/17 12:00 a.m. | 27 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0 | References: 1 | Affected Software: 1

seebug.org
added 2009/09/16 12:00 a.m. | 20 views

BRS Webweaver 1.33 /Scripts Access Restriction Bypass Vulnerability

No description provided by source. Name : BSR Webweaver Version 1.33 /Scripts access restriction bypass vulnerability Author : Usman Saeed Company : Xc0re Security Research Group Date : 15/09/09 Homepage : http://www.xc0re.net Download Page : http://www.brswebweaver.com/downloads.html Attack type...

7.1 AI score
Exploits: 0

exploitpack
added 2009/09/15 12:00 a.m. | 14 views

BRS Webweaver 1.33 - Scripts Access Restriction Bypass

BRS Webweaver 1.33 - Scripts Access Restriction Bypass Name : BSR Webweaver Version 1.33 /Scripts access restriction bypass vulnerability Author : Usman Saeed Company : Xc0re Security Research Group Date : 15/09/09 Homepage : http://www.xc0re.net Download Page :...

Exploits: 0

securityvulns
added 2009/09/15 12:00 a.m. | 42 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS | 1.6 AI score | 0.03022 EPSS
Exploits: 1 | References: 3 | Affected Software: 2

OpenVAS
added 2009/09/15 12:00 a.m. | 24 views

Debian Security Advisory DSA 1883-2 (nagios2)

The remote host is missing an update to nagios2 announced via advisory DSA 1883-2. OpenVAS Vulnerability Test $Id: deb18832.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1883-2 nagios2 Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...

4.3 CVSS | 0.6 AI score | 0.02469 EPSS
Exploits: 1

OpenVAS
added 2009/09/15 12:00 a.m. | 17 views

Debian Security Advisory DSA 1883-1 (nagios2)

The remote host is missing an update to nagios2 announced via advisory DSA 1883-1. OpenVAS Vulnerability Test $Id: deb18831.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1883-1 nagios2 Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...

4.3 CVSS | 0.2 AI score | 0.02469 EPSS
Exploits: 1