CGI bugs

No description provided...

Rosiello Security's exploit for MDaemon

© Rosiello Security http://www.rosiello.org Bug found by hat-squad security. Background by securiteam.com MDaemon offers a full range of mail server functionality. MDaemon protects your users from spam and viruses, provides full security, includes seamless web access to your email via WorldClient...

phpBB < 2.0.7 Multiple XSS

There are cross-site scripting vulnerabilities in the files 'ViewTopic.php' and 'ViewForum.php' in the remote installation of phpBB. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid12093; scriptversion"1.27";...

CGI bugs

No description provided...

IBM Net.Data db2www CGI interpreter fails to properly validate requested macro filenames

Overview IBM Net.Data fails to properly validate user input passed to the db2www CGI interpreter, which could allow an attacker to mount a cross-site scripting attack against a vulnerable system. Description IBM Net.Data is a scripting language used to create web applications. Net.Data macros are...

SandSurfer < 1.7.1 XSS

The remote host is running SandSurfer, a web-based time keeping application. A vulnerability has been disclosed in all versions of this software, up to version 1.7.0 included which may allow an attacker to use it to perform cross-site scripting attacks against third-party users. %NASLMINLEVEL 703...

CGI bugs

No description provided...

CGI bugs

No description provided...

CGI bugs

No description provided...

ShopCartCGI Multiple Script Traversal Arbitrary File Access

The remote host is running ShopCartCGI - a set of CGIs designed to set up an on-line shopping cart. The version of ShopCartCGI on the remote host fails to sanitize input to several of its CGI scripts before using it to read and display files. An unauthenticated, remote attacker can leverage these...

ASP Portal User Profile XSS

The remote host is running the ASP Portal CGI suite. There is a cross-site scripting issue in this suite that may allow an attacker to steal your users cookies. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid12057;...

CGI bugs

No description provided...

CGI bugs

No description provided...

RXGoogle.CGI 1.02.5 - Cross-Site Scripting

RXGoogle.CGI 1.02.5 - Cross-Site Scripting source: https://www.securityfocus.com/bid/9575/info The rxgoogle.cgi search script is prone to a cross-site scripting vulnerability because the software fails to sanitize user input and allows various metacharacters that may facilitate cross-site scripti...

Leif Wright Web Blog blog.cgi ViewFile Request file Parameter Arbitrary Command Execution

The remote host is running LeifWright's blog.cgi - a CGI designed to handle personal web logs or 'blogs'. There is a bug in this software that could allow an attacker to execute arbitrary commands on the remote web server with the privileges of the web user. %NASLMINLEVEL 70300 C Tenable Network...

PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access

The remote host is running PJreviewneo.cgi - a web-based software. There is a bug in this software which may allow an attacker to read arbitrary files on the remote web server with the privileges of the web user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc...

CGI bugs

No description provided...

ZH2004-02SA &#40;security advisory&#41;: PJ CGI Neo review &#40;NeoBoard review&#41; Remote arbitrary file retrieving

ZH2004-02SA security advisory: PJ CGI Neo review NeoBoard review Remote arbitrary file retrieving Published: 29 january 2004 Released: 29 january 2004 Name: PJ CGI Neo review NeoBoard review Affected Systems: Current version Issue: Remote file retrieving Author: Zone-h Security Labs Vendor:...

CVE-2004-2132

Directory traversal vulnerability in PJreviewNeo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. dot dot in the p parameter...

PJ CGI Neo Review - Directory Traversal

source: https://www.securityfocus.com/bid/9524/info It has been reported that PJ CGI Neo Review may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory by using '../' character sequences...