9791 matches found
Nagios External Commands and Adaptive Commands Unspecified Vulnerability
Nagios is prone to an unspecified vulnerability related to the CGI submission of external commands and the processing of adaptive commands. The issue affects versions prior to Nagios 3.0.6. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. OpenX: crossite scripting, information leak...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web Mailer from CGI RESCUE vulnerable to HTTP header injection
Overview Web Mailer from CGI RESCUE contains a HTTP header injection vulnerability. Web Mailer from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. Web Mailer contains a HTTP header injection vulnerability. This vulnerability has been fixed and an updated...
Cross-site scripting vulnerability in MiniBBS from CGI RESCUE
Overview MiniBBS from CGI RESCUE contains a cross-site scripting vulnerability. MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. This vulnerability has been fixed and an updated version was released on December 13, 2008. Impact An arbitrary...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: information leak, crossite scripting, directory traversal, authentication bypass...
Code injection
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 leaves /etc/zm.conf owned by the apache user and 0600-permissioned. This weakens protection of the configuration file and allows remote attackers to modify it via a web-accessible PHP or CGI script. The described vulnerability is limited to file ownership/permission...
CVE-2008-6755
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...
JVN#76370393 FORM2MAIL from CGI RESCUE allows unauthorized email transmission
FORM2MAIL from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. FORM2MAIL contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send emails to arbitrary addresses. Solution Updat...
JVN#36982346 MiniBBS22 from CGI RESCUE allows unauthorized email transmission
MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send any email to an arbitrary address. Solution Update the software Update to the latest versi...
JVN#11396739 Cross-site scripting vulnerability in MiniBBS from CGI RESCUE
MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the vendor. Products...
JVN#28020230 Web Mailer from CGI RESCUE vulnerable to HTTP header injection
Web Mailer from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. Web Mailer contains a HTTP header injection vulnerability. Impact Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. HTTP response...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure
The remote host is a Linksys WVC54GCA network camera. The version of the firmware of the remote camera contains a flaw that allows authenticated users to download the .htpasswd file from the remote host, which gives them the ability to crack the passwords of other users, including the password of...