9786 matches found
Multiple bugs in Savant Web Server
Buffer overflow on long URL, directory traversal, buffer overflows in CGI, etc...
AWStats: Remote code execution
Background: AWStats is an advanced log file analyzer and statistics generator. Description: When 'awstats.pl' is run as a CGI script, it fails to validate specific inputs which are used in a Perl open function call. Furthermore, a user could read log file content even when plugin rawlog was not...
PHP/ASP/CGI web applications security vulnerabilities
PHP inclusions, SQL injections, directory traversals, cross-site scripting, etc...
[SECURITY] [DSA 650-1] New sword packages fix arbitrary command execution
Debian Security Advisory DSA 650-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2005 http://www.debian.org/security/faq -...
DSA-650-1 sword - missing input sanitising
Bulletin has no description...
CVE-2005-0111
Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter...
[Full-Disclosure] iDEFENSE Security Advisory 01.17.05: AWStats Remote Command Execution Vulnerability
AWStats Remote Command Execution Vulnerability iDEFENSE Security Advisory 01.17.05 www.idefense.com/application/poi/display?id=185&type=vulnerabilities January 17, 2005 I. BACKGROUND AWStats is a free tool that generates advanced web, ftp or mail server statistics, graphically. More information...
PHP/ASP/CGI web applications security flaws
No description provided...
iDEFENSE Security Advisory 01.13.05: MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability
MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability iDEFENSE Security Advisory 01.13.05 www.idefense.com/application/poi/display?id=181&type=vulnerabilities January 13, 2005 I. BACKGROUND MaxDB by MySQL is a re-branded and enhanced version of SAP DB, SAP AG's open source database. Max...
Movable Type mt-load.cgi Privilege Escalation
The remote web server is hosting Movable Type with 'mt-load.cgi' installed. Failure to remove mt-load.cgi could enable someone else to create a weblog in your Movable Type installation, and possibly gain access to your data. This script was written by Rich Walchuck rich.walchu...
CGI/PHP/ASP bugs
No description provided...
Webmin 1.5 - Web Brute Force (CGI)
Webmin 1.5 - Web Brute Force CGI !/usr/bin/perl use CGI qw:standard; use IO::Socket; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $host = $CGI-param"host"; $wlist = $CGI-param"wlist"; $cmd = $CGI-param"cmd"; print $CGI-header-type='text/html',-charset='windows-1254'; print...
Webmin Web Brute Force v1.5 (cgi-version)
No description provided by source. !/usr/bin/perl use CGI qw:standard; use IO::Socket; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $host = $CGI-param"host"; $wlist = $CGI-param"wlist"; $cmd = $CGI-param"cmd"; print $CGI-header-type='text/html',-charset='windows-1254'; print...
Webmin 1.5 - Web Brute Force (CGI)
!/usr/bin/perl use CGI qw:standard; use IO::Socket; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $host = $CGI-param"host"; $wlist = $CGI-param"wlist"; $cmd = $CGI-param"cmd"; print $CGI-header-type='text/html',-charset='windows-1254'; print qqWebmin Web Brute Force v1.5 - cgi...
CGI bugs
No description provided...
CVE-2004-2661
Soft3304 04WebServer before 1.41 does not properly check file names, which allows remote attackers to obtain sensitive information (CGI source code)...