
9791 matches found

securityvulns
added 2007/07/12 12:0 a.m., 22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 4.3, AI score: 1.5, EPSS: 0.01223
Exploits: 1, References: 5, Affected Software: 1
NVD
added 2007/07/11 5:30 p.m., 18 views

CVE-2007-3692

Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter...

CVSS: 7.8, AI score: 6.7, EPSS: 0.01996
Exploits: 0, References: 6
Prion
added 2007/07/11 5:30 p.m., 15 views

Directory traversal

Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter...

CVSS: 7.8, AI score: 7.2, EPSS: 0.01996
Exploits: 0, References: 6, Affected Software: 1
Cvelist
added 2007/07/11 5:0 p.m., 16 views

CVE-2007-3692

Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter...

AI score: 6.7, EPSS: 0.01996
Exploits: 0, References: 6
CVE
added 2007/07/11 5:0 p.m., 44 views

CVE-2007-3692

The CVE-2007-3692 issue concerns EZFactory KDDI Download CGI 1.x, where the download.cgi component is vulnerable to a directory traversal via the name parameter containing .., enabling remote attackers to read/download arbitrary server files. The JVN entry for KDDI’s EZFactory sample CGI download...

CVSS: 7.8, AI score: 6.7, EPSS: 0.01996
Exploits: 0, References: 6, Affected Software: 1
Packet Storm
added 2007/07/11 12:0 a.m., 19 views

mailmachine-lfi.txt

!/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected] ...

AI score: 7.4
Exploits: 0
securityvulns
added 2007/07/10 12:0 a.m., 55 views

Microsoft Internet Information Server DoS

A request like http://www.example.com/vtibin/.dll/0 for virtual folders with CGI execution enabled causes the server to crash and potentially leads to code execution...

CVSS: 7.8, AI score: 2.7, EPSS: 0.86729
Exploits: 1, References: 3, Affected Software: 1
exploitpack
added 2007/07/10 12:0 a.m., 9 views

Mail Machine 3.989 - Local File Inclusion

Mail Machine 3.989 - Local File Inclusion !/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected]...

AI score: 7.4
Exploits: 0
securityvulns
added 2007/07/10 12:0 a.m., 29 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.5
Exploits: 0, References: 8, Affected Software: 2
seebug.org
added 2007/07/10 12:0 a.m., 16 views

Mail Machine <= 3.989 Local File Inclusion Exploit

No description provided by source. !/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected]...

AI score: 7.1
Exploits: 0
Exploit DB
added 2007/07/10 12:0 a.m., 25 views

Mail Machine 3.989 - Local File Inclusion

!/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected] ...

AI score: 7.4
Exploits: 0
Japan Vulnerability Notes
added 2007/07/09 12:0 a.m., 62 views

JVN#33593387 KDDI sample CGI download program directory traversal vulnerability

A sample CGI download program is included with KDDI's EZFactory for downloading and saving data such as images and ringtones to EZweb compatible cellular phones. A directory traversal vulnerability exists in this program. Impact: A remote unauthenticated attacker could access files on the server...

AI score: 7.2
Exploits: 0
securityvulns
added 2007/07/09 12:0 a.m., 25 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.5
Exploits: 0, References: 1, Affected Software: 1
Packet Storm
added 2007/07/07 12:0 a.m., 76 views

fujitsu-serverview-exec.txt

Advisory: Fujitsu-Siemens ServerView Remote Command Execution. RedTeam Pentesting discovered a remote command execution in the Fujitsu-Siemens ServerView during a penetration test. The DBAsciiAccess CGI script is vulnerable to a remote command execution because of a parameter which is not properl...

CVSS: 7.5, AI score: 6.6, EPSS: 0.04165
Exploits: 3
securityvulns
added 2007/07/06 12:0 a.m., 31 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 4.3, AI score: 1.5, EPSS: 0.01569
Exploits: 1, References: 2, Affected Software: 2
Prion
added 2007/07/05 7:30 p.m., 17 views

Code injection

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...

CVSS: 7.5, AI score: 7.9, EPSS: 0.04165
Exploits: 3, References: 8, Affected Software: 1
CVE
added 2007/07/05 7:0 p.m., 51 views

CVE-2007-3011

Summary (concrete details): CVE-2007-3011 affects Fujitsu-Siemens ServerView prior to v4.50.09 where the DBAsciiAccess CGI script in the web interface processes the Servername subparameter of the ParameterList and fails to sanitize input, enabling remote command execution. An attacker can inject ...

CVSS: 7.5, AI score: 7.5, EPSS: 0.04165
Exploits: 3, References: 8, Affected Software: 1
Cvelist
added 2007/07/05 7:0 p.m., 27 views

CVE-2007-3011

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...

AI score: 7.5, EPSS: 0.04165
Exploits: 3, References: 8
securityvulns
added 2007/07/05 12:0 a.m., 33 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score: 1.5
Exploits: 0, References: 4, Affected Software: 4
seebug.org
added 2007/07/05 12:0 a.m., 37 views

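Fujitsu ServerView DBASCIIAccess Script Remote Code Execution Vulnerability

BUGTRAQ ID: 24762 CVECAN ID: CVE-2007-3011 ServerView is an asset management tool used for automated analysis and version maintenance. An input validation vulnerability exists in the way ServerView's web interface handles user data; a remote attacker could exploit it to execute arbitrary commands on the server with the privileges of the web process. The DBAsciiAccess CGI script provides a ping function; the Servername subparameter of the script's Parameterlist parameter gives the IP address to ping, but no checks are performed on this IP address. If a trailing semicolon is appended after the IP, an attacker can inject arbitrary shell commands, which are executed with the privileges of the web server process. Fujitsu...

CVSS: 7.5, AI score: 6.4, EPSS: 0.04165
Exploits: 3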