Lucene search
9792 matches found

Exploit DB
added 2009/07/14 12:0 a.m., 38 views

DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure

Discovered by cibbao PoC: /cgi-bin/DJcalendar.cgi?TEMPLATE=/../../../../../../../etc/passwd milw0rm.com 2009-07-14...

7.4 AI score
Exploits 0
Packet Storm
added 2009/07/13 12:0 a.m., 30 views

HTMLDOC 1.8.27 Buffer Overflow

#!/usr/bin/perl HTMLDOC + StackBased OverFlow In setpagesize / EIPregister Is Raped By Us So Not Just Krash ! Is Both Local Also Remote As CGI Skript - Sevrity: HIGH ? Vendor Kontakt: NOPE ...

0.9 AI score
Exploits 0
securityvulns
added 2009/07/13 12:0 a.m., 36 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS, 1.5 AI score, 0.05058 EPSS
Exploits 1, References 2, Affected Software 1
securityvulns
added 2009/07/12 12:0 a.m., 22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 2, Affected Software 2
securityvulns
added 2009/07/09 12:0 a.m., 57 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

5 CVSS, 1.5 AI score, 0.85 EPSS
Exploits 17, References 1, Affected Software 1
securityvulns
added 2009/07/08 12:0 a.m., 30 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 1
securityvulns
added 2009/07/07 12:0 a.m., 27 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 1, Affected Software 1
securityvulns
added 2009/07/06 12:0 a.m., 25 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS, 1.5 AI score, 0.019 EPSS
Exploits 1, References 3, Affected Software 2
OpenVAS
added 2009/07/06 12:0 a.m., 25 views

Mandrake Security Advisory MDVSA-2009:145 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:145. OpenVAS Vulnerability Test $Id: mdksa2009145.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:145 php Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...

4.3 CVSS, 0.6 AI score, 0.04378 EPSS
Exploits 1
OpenVAS
added 2009/07/06 12:0 a.m., 29 views

Mandrake Security Advisory MDVSA-2009:145 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:145. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

4.3 CVSS, 6.3 AI score, 0.04378 EPSS
Exploits 1, References 2
NVD
added 2009/07/05 4:30 p.m., 13 views

CVE-2009-2323

The web interface on the Axesstel MV 410R redirects users back to the referring page after execution of some CGI scripts, which makes it easier for remote attackers to avoid detection of cross-site request forgery (CSRF) attacks, as demonstrated by a redirect from the cgi-bin/wireless.cgi script...

5.8 CVSS, 6.8 AI score, 0.00846 EPSS
Exploits 0, References 2
Prion
added 2009/07/05 4:30 p.m., 11 views

Cross site request forgery (csrf)

The web interface on the Axesstel MV 410R redirects users back to the referring page after execution of some CGI scripts, which makes it easier for remote attackers to avoid detection of cross-site request forgery (CSRF) attacks, as demonstrated by a redirect from the cgi-bin/wireless.cgi script...

5.8 CVSS, 7.5 AI score, 0.00846 EPSS
Exploits 0, References 2
Cvelist
added 2009/07/05 4:0 p.m., 16 views

CVE-2009-2323

The web interface on the Axesstel MV 410R redirects users back to the referring page after execution of some CGI scripts, which makes it easier for remote attackers to avoid detection of cross-site request forgery (CSRF) attacks, as demonstrated by a redirect from the cgi-bin/wireless.cgi script...

6.8 AI score, 0.00846 EPSS
Exploits 0, References 2
CVE
added 2009/07/05 4:0 p.m., 49 views

CVE-2009-2322

The CVE-2009-2322 entry concerns the Axesstel MV 410R router. A vulnerability in the CGI script cgi-bin/sysconf.cgi enables cross-site scripting (XSS), allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD metrics indicate a Medium severity (CVSS v2: AV...

4.3 CVSS, 5.8 AI score, 0.00871 EPSS
Exploits 1, References 2, Affected Software 1
Metasploit
added 2009/07/03 1:26 a.m., 33 views

MDaemon WorldClient form2raw.cgi Stack Buffer Overflow

This module exploits a stack buffer overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed (default), a CGI script is provided to accept html FORM based emails and deliver via MDaemon.exe, by writing the CGI output to the Raw Queue. When...

7.5 CVSS, 0.65097 EPSS
Exploits 8
securityvulns
added 2009/07/03 12:0 a.m., 63 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.5 CVSS, 1.5 AI score, 0.83865 EPSS
Exploits 24, References 4, Affected Software 2
Packet Storm
added 2009/07/03 12:0 a.m., 41 views

Axesstel MV 410R Bypass / XSS

Multiple Flaws in Axesstel MV 410R by Filip Palian filip dot palian at pjwstk dot edu dot pl Description: Axesstel MV 410R is a device offered by the two leading Polish telecom operators Orange and Polish Telecom to provide broadband Internet in CDMA technology and it's already widely in use...

0.1 AI score
Exploits 0
securityvulns
added 2009/07/03 12:0 a.m., 58 views

Multiple Flaws in Axesstel MV 410R

Multiple Flaws in Axesstel MV 410R by Filip Palian filip dot palian at pjwstk dot edu dot pl Description: Axesstel MV 410R is a device offered by the two leading Polish telecom operators Orange and Polish Telecom to provide broadband Internet in CDMA technology and it's already widely in use...

0.4 AI score
Exploits 0
NVD
added 2009/07/02 10:30 a.m., 14 views

CVE-2009-2300

The management interface in the phion airlock Web Application Firewall (WAF) 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause a denial of service (resource consumption) via...

10 CVSS, 7.7 AI score, 0.02783 EPSS
Exploits 0, References 3
NVD
added 2009/07/02 10:30 a.m., 14 views

CVE-2009-2298

Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420...

7.5 CVSS, 8 AI score, 0.06433 EPSS
Exploits 0, References 1