9784 matches found
Trend Micro OfficeScan 3.x - CGI Directory Insufficient Permissions
source: https://www.securityfocus.com/bid/6616/info A vulnerability has been reported for Trend Micro OfficeScan that may allow attackers to access programs residing in the cgi directory of the OfficeScan installation. http://x.x.x.x/officescan/cgi/cgiMasterPwd.exe...
XSS (Cross Site Scripting) on FormMail.CGI
Topic: XSS Cross Site Scripting on FormMail.CGI Version: 1.92 Released: April 21, 2002 Manufacturer: http://www.scriptarchive.com/formmail.html By XyborG - [email protected] - http://www.rzweb.com.ar/ Formmai.cgi, it is a utility that serves to send forms by email, among other uses. The operatio...
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)
source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary...
CGI bugs
No description provided...
Multiple cgihtml bugs
Temporary files problem, Content-Length DoS, buffer overflows...
CGI bugs
No description provided...
Smart Search 4.25 - Remote Command Execution
Smart Search 4.25 - Remote Command Execution source: https://www.securityfocus.com/bid/7133/info A vulnerability has been discovered in the Smart Search CGI script. Due to insufficient sanitization of user-supplied URI parameters, it may be possible for an attacker to execute arbitrary commands o...
Smart Search 4.25 - Remote Command Execution
source: https://www.securityfocus.com/bid/7133/info A vulnerability has been discovered in the Smart Search CGI script. Due to insufficient sanitization of user-supplied URI parameters, it may be possible for an attacker to execute arbitrary commands on a target system. All commands executed in...
CVE-2002-1938
Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the 1 tar TARGET or 2 zielport ZIELPORT parameters...
CVE-2002-1635
The Apache configuration file httpd.conf in Oracle 9i Application Server 9iAS uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin...
CVE-2002-1680
Cross-site scripting XSS vulnerability in CGI Online Worldweb Shopping 1.1 a.k.a. COWS allows remote attackers to execute arbitrary script as other users by injecting script into 1 diagnose.cgi or 2 compatible.cgi...
CVE-2002-1986
Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot "."...
CVE-2002-2251
Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument...
CVE-2002-1850
modcgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service hang and memory consumption by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script...
PT-2002-2572 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache versions 2.0.39 through 2.0.40 Description: The issue allows local users and possibly remote attackers to cause a denial of service, resulting in hang and memory consumption. This occurs when a CGI script sends a large amount of data t...
CGI bugs
No description provided...
CVE-2002-1361
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP Security Hardening Patch installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter...
CGI bugs
No description provided...
CGI bugs
No description provided...
CGI bugs
No description provided...