9792 matches found
DJ Calendar - 'DJcalendar.cgi TEMPLATE' File Disclosure
Discovered by cibbao PoC: /cgi-bin/DJcalendar.cgi?TEMPLATE=/../../../../../../../etc/passwd milw0rm.com 2009-07-14...
HTMLDOC 1.8.27 Buffer Overflow
!/usr/bin/perl HTMLDOC + StackBased OverFlow In setpagesize / EIPregister Is Raped By Us So Not Just Krash ! Is Both Local Also Remote As CGI Skript - Sevrity: HIGH ? Vendor Kontakt: NOPE ,-. .---. | ..-'' . \ ,. \ ,+++=.|||||| | .ooo.===================||======|=|=|| | ' | ' ' o o / \ /\ o o / '...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Mandrake Security Advisory MDVSA-2009:145 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:145. OpenVAS Vulnerability Test $Id: mdksa2009145.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:145 php Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:145 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:145. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
CVE-2009-2323
The web interface on the Axesstel MV 410R redirects users back to the referring page after execution of some CGI scripts, which makes it easier for remote attackers to avoid detection of cross-site request forgery CSRF attacks, as demonstrated by a redirect from the cgi-bin/wireless.cgi script...
Cross site request forgery (csrf)
The web interface on the Axesstel MV 410R redirects users back to the referring page after execution of some CGI scripts, which makes it easier for remote attackers to avoid detection of cross-site request forgery CSRF attacks, as demonstrated by a redirect from the cgi-bin/wireless.cgi script...
CVE-2009-2323
The web interface on the Axesstel MV 410R redirects users back to the referring page after execution of some CGI scripts, which makes it easier for remote attackers to avoid detection of cross-site request forgery CSRF attacks, as demonstrated by a redirect from the cgi-bin/wireless.cgi script...
CVE-2009-2322
The CVE-2009-2322 entry concerns the Axesstel MV 410R router. A vulnerability in the CGI script cgi-bin/sysconf.cgi enables cross-site scripting (XSS), allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD metrics indicate a Medium severity (CVSS v2: AV...
MDaemon WorldClient form2raw.cgi Stack Buffer Overflow
This module exploits a stack buffer overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed default, a CGI script is provided to accept html FORM based emails and deliver via MDaemon.exe, by writing the CGI output to the Raw Queue. When...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Axesstel MV 410R Bypass / XSS
Multiple Flaws in Axesstel MV 410R by Filip Palian filip dot palian at pjwstk dot edu dot pl Description: Axesstel MV 410R is a device offered by the two leading polish telecom operators Orange and Polish Telecom to provide broadband Internet in CDMA technology and it's already widely in use...
Multiple Flaws in Axesstel MV 410R
Multiple Flaws in Axesstel MV 410R by Filip Palian filip dot palian at pjwstk dot edu dot pl Description: Axesstel MV 410R is a device offered by the two leading polish telecom operators Orange and Polish Telecom to provide broadband Internet in CDMA technology and it's already widely in use...
CVE-2009-2300
The management interface in the phion airlock Web Application Firewall WAF 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause a denial of service resource consumption via...
CVE-2009-2298
Stack-based buffer overflow in rping in HP OpenView Network Node Manager OV NNM 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420...