CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9786 matches found

Prion•added 2007/01/29 5:28 p.m.•14 views

Cross site scripting

Cross-site scripting XSS vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01033EPSS

Exploits0References4Affected Software1

Cvelist•added 2007/01/29 5:0 p.m.•16 views

CVE-2007-0547

Cross-site scripting XSS vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01033EPSS

Exploits0References4

CVE•added 2007/01/29 5:0 p.m.•50 views

CVE-2007-0547

CGI-RESCUE WebFORM 4.3 and earlier has a cross-site scripting (XSS) vulnerability allowing remote injection of arbitrary script/HTML via unspecified vectors. Affected: WebFORM CGI script (Perl). Impact: arbitrary script execution in the user’s browser; CVSS v2 base score 4.3 (MEDIUM). Remediation...

4.3CVSS5.7AI score0.01033EPSS

Exploits0References4Affected Software1

securityvulns•added 2007/01/29 12:0 a.m.•84 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

9.3CVSS1.5AI score0.09917EPSS

Exploits9References15Affected Software18

securityvulns•added 2007/01/28 12:0 a.m.•42 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.5AI score0.03499EPSS

Exploits2References7Affected Software7

Japan Vulnerability Notes•added 2007/01/25 12:0 a.m.•13 views

JVN#05123538 CGI RESCUE WebFORM vulnerable to cross-site scripting

Impact An abitrary script may be executed on the user's web browser. Solution Products Affected WebFORM 4.3 and earlier According to the vendor's website, another product Web Mailer also contains a similar vulnerability. We have confirmed that the fixed version of the Web Mailer is also released...

7AI score

Exploits0

Japan Vulnerability Notes•added 2007/01/25 12:0 a.m.•21 views

JVN#05088443 CGI RESCUE WebFORM vulnerable to HTTP header injection

Impact Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. Solution Products Affected WebFORM 4.3 and earlier According to the vendor's website, "Web Mailer" released from CGI RESCUE also contains a similar vulnerability...

6.9AI score

Exploits0

securityvulns•added 2007/01/25 12:0 a.m.•80 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

8.5CVSS1.5AI score0.07232EPSS

Exploits5References13Affected Software13

securityvulns•added 2007/01/25 12:0 a.m.•97 views

[SA23913] CGI Rescue WebFORM Cross-Site Scripting and HTTP Header Injection

TITLE: CGI Rescue WebFORM Cross-Site Scripting and HTTP Header Injection SECUNIA ADVISORY ID: SA23913 VERIFY ADVISORY: http://secunia.com/advisories/23913/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: WebFORM 4.x http://secunia.com/product/10398/ DESCRIPTION:...

0.8AI score

Exploits0

Japan Vulnerability Notes•added 2007/01/25 12:0 a.m.•12 views

JVN#24879092 CGI RESCUE WebFORM missing mail content vulnerability

Impact Some part of the sender information in the message may be lost. Solution Products Affected WebFORM 4.3 and earlier According to the vendor's website, "Web Mailer" also contains a similar vulnerability...

6.8AI score

Exploits0

securityvulns•added 2007/01/24 12:0 a.m.•151 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

10CVSS1.5AI score0.07279EPSS

Exploits3References36Affected Software28

securityvulns•added 2007/01/22 12:0 a.m.•57 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.5AI score0.08113EPSS

Exploits0References2Affected Software5

myhack58•added 2007/01/20 12:0 a.m.•129 views

Network Security Series knowledge of CGI exploits collection under-vulnerability warning-the black bar safety net

4 2. exprcalc. cfm ● Type: the attack type ● The level of risk: low ● Description: if in a Web directory containing: | /cfdocs/expeval/exprcalc. cfm /cfdocs/expeval/sendmail. cfm /cfdocs/expeval/eval. cfm /cfdocs/expeval/openfile. cfm /cfdocs/expeval/displayopenedfile. cfm...

0.2AI score

Exploits0

myhack58•added 2007/01/20 12:0 a.m.•25 views

Network Security Series knowledge of CGI exploits collection on-vulnerability warning-the black bar safety net

Following the collection and collation of some of the famous CGI vulnerability and provided some security recommendations and solutions, if the server of the presence of these vulnerabilities not patched, then, each vulnerability is likely will fill the intruder utilization, increase Server been...

8.9AI score

Exploits0

securityvulns•added 2007/01/20 12:0 a.m.•67 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.8CVSS1.5AI score0.24646EPSS

Exploits4References7Affected Software5

securityvulns•added 2007/01/18 12:0 a.m.•63 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.5AI score0.03279EPSS

Exploits6References5Affected Software9

securityvulns•added 2007/01/17 12:0 a.m.•64 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.8CVSS1.5AI score0.03216EPSS

Exploits6References10Affected Software5

Tenable Nessus•added 2007/01/17 12:0 a.m.•29 views

Fedora Core 6 : ruby-1.8.5-4.fc6 (2006-1109)

Fri Oct 27 2006 Akira TAGOH - 1.8.5-4 - security fix release. - ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. 212396 - Sun Oct 1 2006 Jesse Keating - 1.8.5-3 - rebuilt for unwind info generation, broken in gcc-4.1.1-21 - Tue Sep 26 2006...

6.4CVSS7.2AI score0.05739EPSS

Exploits1References1

Tenable Nessus•added 2007/01/17 12:0 a.m.•34 views

Fedora Core 6 : ruby-1.8.5.2-1.fc6 (2006-1441)

Mon Dec 11 2006 Akira TAGOH - 1.8.5.2-1 - security fix release. 218289 - Fri Oct 27 2006 Akira TAGOH - 1.8.5-4 - security fix release. - ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. 212396 - Sun Oct 1 2006 Jesse Keating - 1.8.5-3 - rebuilt...

6.4CVSS7.2AI score0.05739EPSS

Exploits1References1

Tenable Nessus•added 2007/01/17 12:0 a.m.•29 views

Fedora Core 5 : ruby-1.8.5-1.fc5 (2006-1110)

Fri Oct 27 2006 Akira TAGOH - 1.8.5-1 - security fix release. - ruby-1.8.5-cgi-CVE-2006-5467.patch: fix a CGI multipart parsing bug that causes the denial of service. 212396 - backport fixes from devel. - fixed rbconfig.rb to refer to DESTDIR for sitearchdir. 207311 - updates to 1.8.5 - removed...

6.4CVSS7.2AI score0.05739EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by