CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

DEBIAN-CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

CVE-2006-1280

CGI::Session 4.03-1 does not set proper permissions on temporary files created in 1 Driver::File and 2 Driver::dbfile, which allows local users to obtain privileged information, such as session keys, by viewing the files...

CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

CVE-2006-1280

CGI::Session 4.03-1 does not set proper permissions on temporary files created in 1 Driver::File and 2 Driver::dbfile, which allows local users to obtain privileged information, such as session keys, by viewing the files...

CVE-2006-1279

CVE-2006-1279 affects CGI::Session 4.03-1. The vulnerability allows local users to overwrite arbitrary files by exploiting a symlink attack on temporary files used by the drivers File, db_file, and possibly sqlite. The issue is a local-privilege/file-write vulnerability rather than a remote-execu...

CVE-2006-1280

CGI::Session 4.03-1 is affected by improper permissions on temporary files created by Driver::File and Driver::db_file, enabling local users to view files containing privileged data such as session keys. This is the core issue described in CVE-2006-1280 across sources (NVD/NVD mirrors and OSV-lik...

CVE-2006-1279

CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by 1 Driver::File, 2 Driver::dbfile, and possibly 3 Driver::sqlite...

CVE-2006-1280

CGI::Session 4.03-1 does not set proper permissions on temporary files created in 1 Driver::File and 2 Driver::dbfile, which allows local users to obtain privileged information, such as session keys, by viewing the files...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Sql-injection in RalfChat

Advisory: Sql-injection in RalfChat Home Page: http://www.ralfchat.de Уязвимость/Vulnerability: Sql-injection, Cross Site Scripting Уязвимый скрипт/Vulnerable script: chat2.cgi http://chat.shaonline.ru/cgi-bin/chat2.cgi?action=userinfo&infoabout=Fear'...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

[SA19211] CGI::Session Insecure Default Session File Permissions

TITLE: CGI::Session Insecure Default Session File Permissions SECUNIA ADVISORY ID: SA19211 VERIFY ADVISORY: http://secunia.com/advisories/19211/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CGI::Session 4.x http://secunia.com/product/8688/...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...