9786 matches found
fx-APP Version 0.0.8.1
fx-APP Version 0.0.8.1 Homepage: http://fx-app.org/ Effected files: search input box index.cgi input boxes on your profile adding a menu item ------------------------------------------------------- I noticed there was already several BID's on the a script WebAPP:...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
JVN#39570254 CGI RESCUE WebFORM allows unauthorized email transmission
Impact A remote attacker may send emails to arbitrary addresses. Solution Products Affected WebFORM 4.1 and earlier According to the vendor's information, FORM2MAIL also contains a similar vulnerability, and the fixed version of FORM2MAIL is available...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
USN-290-1: awstats vulnerability
Hendrik Weimer discovered a privilege escalation vulnerability in awstats. By supplying the 'configdir' CGI parameter and setting it to an attacker-controlled directory such as an FTP account, /tmp, or similar, an attacker could execute arbitrary shell commands with the privileges of the web serv...
D-Link Access-Point <= 2.10na (DWL Series) Config Disclosure Vuln
No description provided by source. ADVISORY/0206 - D-Link Wireless Access-Point DWL-2100ap INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORY http://www.intruders.com.br/ , http://www.intruders.org.br/ Making a HTTP request to the /cgi-bin/ directory, the Web server will return error 404 Page not...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
ishopcart-cgi-bof.c.txt
Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
ishopcart cgi 0day and multiple vulnerabilities
Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...
iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi)
No description provided by source. / Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: ishopcart-cgi-bof.c = easy-scart6.c Date: 5/25/2006 Version: 1.00 5/25/2006 - ishopcart-cgi-bof.c created Description: there is an overflow in the vGetPost function, it does not do any size checki...
iShopCart - 'vGetPost()' Remote Buffer Overflow (CGI)
/ Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: ishopcart-cgi-bof.c include include include include include include include include define PORT 80 define CBPORT 31337 define IPOFFSET 33 + 13 define PORTOFFSET 39 + 13 // + 13 to these for the new forking mod added to cb define...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
USN-287-1: Nagios vulnerability
The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with an invalidly large Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server...