9791 matches found
CVE-2008-5723
CVE-2008-5723 describes a directory traversal vulnerability in CGI RESCUE KanniBBS2000 (also known as MiniBBS2000/MiniBBS2000i) prior to version 1.03, enabling a remote attacker to read arbitrary files on the server. Connected sources specify that affected products include MiniBBS2000/v1.02 and e...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. NetCat CMS: directory traversal, SQL injection...
Barracuda Spam Firewall < 3.5.12.007 Multiple Vulnerabilities (SQLi, XSS)
Binary data 4795.prm...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Power Phlogger: cross-site scripting, DoS...
On in the browser*. exe file the explore-exploit warning-the black bar safety net
On in the browser. exe file explore in depth A: really can in the browser command file? The answer is Yes. (Wow, cool! Can......) But don't happy, can only be performed server-side, but is must be authorized. Otherwise the server think the Black you're too easy. Who dares to look at me, I just...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. CapCC for WordPress - SQL injection, automation protection bypass, cross-site request forgery...
Sun Java System Identity Manager Detection
Sun Java System Identity Manager, an enterprise tool for identity management, is installed on the remote web server. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(35104); script_version("1.15"); script_set_attribute(attribute:"plugin_modification_date", value:"2022/10/12");...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. EZ Publish: privilege escalation from user to CMS Administrator + Privilege escalation from CMS Administrator to system user...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. CapCC for WordPress - cross-site scripting, information leakage. Blogsmith - cross-site scripting...
JVN#07468800 Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe
Access Analyzer CGI provided by futomi's CGI Cafe is a software to analyze web access logs. Access Analyzer CGI contains a predictable session ID vulnerability. Impact A remote attacker could impersonate an administrator of Access Analyzer CGI. As a result, a remote attacker could view access...
HTMPL 1.11 - Command Execution
HTMPL 1.11 - Command Execution Software : HTMPL v1.11 Download Link : http://vmeste.org/templex/doc/1.html Vulnerability : Command Execution Severity : High Author : ZeN Website : http://dusecurity.com / http://darkcode.me/ Exploit : site.com/cgi-bin/htmpladmin.cgi?help=|cat /etc/passwd A few othe...
[SECURITY] Fedora 10 Update: awstats-6.8-3.fc10
Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers lik...
[SECURITY] Fedora 8 Update: awstats-6.8-3.fc8
Advanced Web Statistics is a powerful and featureful tool that generates advanced web server graphic statistics. This server log analyzer works from command line or as a CGI and shows you all information your log contains, in graphical web pages. It can analyze a lot of web/wap/proxy servers lik...
USN-686-1: AWStats vulnerability
Morgan Todd discovered that AWStats did not correctly strip quotes from certain parameters, allowing for an XSS attack when running as a CGI. If a user was tricked by a remote attacker into following a specially crafted URL, the user's authentication information could be exposed for the domain...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. CoBreeder: Cross-site scripting...
JVN#86833991 CGI RESCUE MiniBBS2000 directory traversal vulnerability
MiniBBS2000, a message board script provided by CGI RESCUE, contains a directory traversal vulnerability. Impact A remote attacker could view files on the server where MiniBBS2000 is installed. This could lead to disclosure of file contents. Solution Update the Software Update to the latest versi...
PT-2008-6327 · Apple · Cups
Name of the Vulnerable Software and Affected Versions: CUPS versions prior to 1.3.8 Description: The issue allows remote attackers to bypass intended policy and conduct CSRF attacks via the add and cancel RSS subscription functions in the web interface. This occurs because the web interface uses...