9791 matches found
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Geeklog: crossite scripting thorugh different form fields...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. AwesomeTemplateEngine: crossite scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: local file include, directory traversal, files modification and information leak...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: local file include, directory traversal and information leak...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: directory traversal and information leak...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: DoS, crossite scripting, arbitrary files deletion...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PRO-search: crossite scripting and DoS...
Unfixed XSS vulnerability at www.locasite.com.br
Security researcher mygotmanoel, has submitted on 26/12/2007 a cross-site-scripting XSS vulnerability affecting www.locasite.com.br, which at the time of submission ranked 99968 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/02/2008. It is...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress = 2.0.9: crossite scripting...
MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities ============================================================...
HP OpenView Network Node Manager ovlogin.exe buffer overflow
Added: 12/24/2007 CVE: CVE-2007-6204 BID: 26741 OSVDB: 39529 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sendin...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WP-ContactForm: Crossite scripting...
CVE-2007-6405
Sergey Lyubka Simple HTTPD shttpd 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended 1 '+' character, 2 '.' character, 3 %2e sequence hex-encoded dot, or 4 hex-encoded character greater than 0x7f. NOTE: the %20 vector is...
Code injection
Sergey Lyubka Simple HTTPD shttpd 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended 1 '+' character, 2 '.' character, 3 %2e sequence hex-encoded dot, or 4 hex-encoded character greater than 0x7f. NOTE: the %20 vector is...
CVE-2007-6405
CVE-2007-6405 affects Sergey Lyubka’s Simple HTTPD (shttpd) 1.38 and earlier on Windows. The issue allows remote attackers to obtain or download arbitrary CGI programs/scripts by sending a URI with special trailing characters: a plus sign (+), a dot (.), %2e (hex-encoded dot), or a hex-encoded ch...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: information leakage...