Lucene search

9791 matches found

securityvulns
added 2008/10/15 12:0 a.m., 35 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 1
Tenable Nessus
added 2008/10/14 12:0 a.m., 203 views

ASG-Sentry CGI Detection

The remote CGI script is part of ASG-Sentry, a web-based SNMP network management system. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include("compat.inc"); if (description) { script_id(34394); script_version("1.15");...

5.5 AI score
Exploits 0, References 1
securityvulns
added 2008/10/14 12:0 a.m., 22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 4, Affected Software 2
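seebug.org
added 2008/10/12 12:0 a.m., 45 views

QuarkMail remote command execution vulnerability

QuarkMail is an e-mail system from Beijing Xiongzhi Weiye Technology (北京雄智伟业科技公司), widely used as an e-mail solution across many fields. Its webmail component is written in Perl CGI, but 80sec found a serious security vulnerability in the system that lets a remote user execute arbitrary commands on the mail system with the privileges of the current process, and from there gain further control of the host or system. QuarkMail incorrectly uses Perl's open function to open files for features such as templates, but does not effectively filter user-supplied parameters, which results in a command execution vulnerability. After logging in to the system, access the following URL...

7.1 AI score
Exploits 0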
securityvulns
added 2008/10/09 12:0 a.m., 26 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 5, Affected Software 2
securityvulns
added 2008/10/08 12:0 a.m., 33 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 4, Affected Software 3
securityvulns
added 2008/10/06 12:0 a.m., 30 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

7.8 CVSS, 1.5 AI score, 0.07102 EPSS
Exploits 8, References 5, Affected Software 5
Prion
added 2008/10/03 3:7 p.m., 16 views

Buffer overflow

Multiple buffer overflows in CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to execute arbitrary code via unspecified vectors...

10 CVSS, 8.2 AI score, 0.05531 EPSS
Exploits 0, References 7, Affected Software 1
Prion
added 2008/10/03 3:7 p.m., 19 views

Null pointer dereference

The CGI modules in the server in Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087 allow remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via crafted HTTP headers, related to the "error handling mechanism."...

5 CVSS, 6.9 AI score, 0.03166 EPSS
Exploits 0, References 7, Affected Software 1
CVE
added 2008/10/03 3:0 p.m., 39 views

CVE-2008-4403

CVE-2008-4403 affects Trend Micro OfficeScan 8.0 SP1 before build 2439 and 8.0 SP1 Patch 1 before build 3087. The CGI server modules can be exploited remotely to trigger a denial of service via crafted HTTP headers, caused by a NULL pointer dereference in the error handling mechanism. The availab...

5 CVSS, 6.6 AI score, 0.03166 EPSS
Exploits 0, References 7, Affected Software 1
CVE
added 2008/10/03 3:0 p.m., 38 views

CVE-2008-2236

Blosxom has a cross-site scripting (XSS) vulnerability (CVE-2008-2236) in blosxom.cgi before 2.1.2, exploitable via the flav parameter (flavour variable). Public sources consistently state that Blosxom

4.3 CVSS, 5.6 AI score, 0.0125 EPSS
Exploits 0, References 6, Affected Software 1
securityvulns
added 2008/10/03 12:0 a.m., 31 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 2, Affected Software 2
securityvulns
added 2008/10/02 12:0 a.m., 31 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

4.3 CVSS, 1.5 AI score, 0.07102 EPSS
Exploits 1, References 6, Affected Software 6
NVD
added 2008/10/01 3:38 p.m., 14 views

CVE-2008-4379

Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3 CVSS, 5.7 AI score, 0.01507 EPSS
Exploits 0, References 3
CVE
added 2008/10/01 3:0 p.m., 48 views

CVE-2008-4378

CVE-2008-4378 describes an SQL injection vulnerability in the file report.php of the affected product family “Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier.” The flaw allows remote attackers to inject and execute arbitrary SQL commands through the id parameter. Public references in the connected ...

7.5 CVSS, 8.4 AI score, 0.00997 EPSS
Exploits 1, References 5, Affected Software 1
Cvelist
added 2008/10/01 3:0 p.m., 19 views

CVE-2008-4378

SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4 AI score, 0.00997 EPSS
Exploits 1, References 5
CVE
added 2008/10/01 3:0 p.m., 40 views

CVE-2008-4379

CVE-2008-4379 is a cross-site scripting (XSS) vulnerability impacting report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via the id parameter, as described in the NVD entry. The reported impact is partial confidenti...

4.3 CVSS, 5.7 AI score, 0.01507 EPSS
Exploits 0, References 3, Affected Software 1
securityvulns
added 2008/09/30 12:0 a.m., 37 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.5 AI score
Exploits 0, References 11, Affected Software 5
securityvulns
added 2008/09/29 12:0 a.m., 27 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. FCKEditor: arbitrary file upload; eCaptcha: cross-site scripting...

4.3 CVSS, 2.2 AI score, 0.01758 EPSS
Exploits 1, References 6, Affected Software 4
Fedora
added 2008/09/28 6:38 p.m., 20 views

[SECURITY] Fedora 9 Update: rubygem-rails-2.1.1-2.fc9

Rails is a framework for building web applications using CGI, FCGI, mod_ruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates...

7.5 CVSS, 1.3 AI score, 0.0303 EPSS
Exploits 1