LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script

Overview Several buffer overflow vulnerabilities have been discovered in LISTSERV. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description L-Soft's LISTSERV is an email list management software package. It includes a Web Archive and...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Acme thttpd < 2.26 htpasswd Utility Overflow

Binary data 3463.prm...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote attackers to inject arbitrary web script or HTML via the year parameter in 1 index.cgi and 2 viewday.cgi...

CVE-2006-0980

Multiple cross-site scripting XSS vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote attackers to inject arbitrary web script or HTML via the year parameter in 1 index.cgi and 2 viewday.cgi...

CVE-2006-0980

CVE-2006-0980 concerns multiple XSS vulnerabilities in Jay Eckles CGI Calendar 2.7. The flaws allow an attacker to inject arbitrary web script or HTML via the year parameter in the scripts index.cgi and viewday.cgi. Affected component: CGI Calendar 2.7; entry points: index.cgi and viewday.cgi; ve...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

cgiCal27XSS.txt

CGI Calendar XSS Vulnerability Software: CGI Calendar Version: 2.7 http://cgicalendar.sourceforge.net/ Description: an online calendar implemented using CGI technology Vulnerability: Cross-Site Scripting Exploit: /cgi-bin/calendar2/index.cgi?lang=en-us&mode=all&month=2&date=1&year=alert'xss';&db=...

HP System Management Homepage (SMH) on Windows Namazu lang Parameter Traversal Arbitrary File Access

The version of HP System Management Homepage installed on the remote host includes a version of the search engine Namazu that reportedly fails to validate user input to the 'lang' parameter of the 'namazu.cgi' script. An attacker may be able to exploit this issue to access files on the remote hos...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

CGI Calendar XSS Vulnerability

CGI Calendar XSS Vulnerability Software: CGI Calendar Version: 2.7 http://cgicalendar.sourceforge.net/ Description: an online calendar implemented using CGI technology Vulnerability: Cross-Site Scripting Exploit:...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Hauri Virobot antivirus privilege esalation

Local user can obtain unrestricted access with suid CGI executable...

[Full-disclosure] [INetCop Security Advisory] Global Hauri Virobot cookie exploit

======================================== INetCop Security Advisory 2006-0x82-028 ======================================== Title: Global Hauri Virobot cookie exploit 0x01. Description Virobot Unix/Linux Server is anti virus program that develop in Global Hauri. Product in Unix of SUN Sparc, HP, IB...