9786 matches found
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
SysInfo 1.21 (sysinfo.cgi) Remote Command Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "sysinfo.cgi 1.21 remote cmmnds xctn \r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: inurl:sysinfo.cgi ext:cgi\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
SysInfo 1.21 - 'sysinfo.cgi' Remote Command Execution
!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $e...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
JVN#78363061 CAFEMILK Shopping Cart CGI cross-site scripting vulnerability
Impact A malicious script may be executed on the user's web browser. Personal information, recorded in cookies issued by CAFEMILK SHOPPING CART CGI, may be leaked. Solution Products Affected CAFEMILK SHOPPING CART version 3.80 and earlier...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
CVE-2006-1427
CVE-2006-1427 involves multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier. The affected component is the web application’s CGI interfaces, specifically cgi-bin/index.cgi (parameters: action, id, num, board, cat, real, viewcat, img, curcatname) and /mods/calendar/i...
CVE-2006-1427
Multiple cross-site scripting XSS vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 id, 3 num, 4 board, 5 cat, 6 real, 7 viewcat, 8 img, or 9 curcatname parameter in cgi-bin/index.cgi, or 10 vsSD parameter in...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
PostNuke PNphpBB2 includes/functions_admin.php phpbb_root_path Parameter Remote File Inclusion
The installation of PostNuke on the remote host includes a version of the PNphpBB2 module that fails to sanitize input to the 'phpbbrootpath' parameter of the 'includes/functionsadmin.php' script before using it in a PHP 'includeonce' function. Provided PHP's 'registerglobals' setting is enabled,...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Edgewall Software Trac SQL injection flaw
The remote web server contains a CGI script that is affected by a SQL injection flaw. Description: The remote host is running Trac, an enhanced wiki and issue tracking system for software development projects written in python. The remote version of this software is prone to a SQL injection flaw...