9784 matches found
CVE-2000-0422
Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter...
CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability
Application Name: WebBanner Random Banner Generator Application Authors: Eric Tachibana Selena Sol and Gunther Birznieks Version: 4.0 Last Modified: 17NOV98 Site: http://www.extropia.com Origin: Script design fault Consequence: User can view files as user the server are running Solution: See at t...
CVE-2000-0639
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server...
CVE-2000-0526
mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to read arbitrary files via a .. dot dot attack...
mdma-5.savant.txt
MDMA Advisory 5 by Andrew Lewis aka. Wizdumb Reading of CGI Scripts under Savant Webserver It is possible to view the source of CGI scripts running under the Savant Webserver by omitting the HTTP version from your request. For example, we connect to port 80 of the server and type "GET...
MDMA Advisory #5: Reading of CGI Scripts under Savant Webserver
MDMA Advisory 5 by Andrew Lewis aka. Wizdumb Reading of CGI Scripts under Savant Webserver It is possible to view the source of CGI scripts running under the Savant Webserver by omitting the HTTP version from your request. For example, we connect to port 80 of the server and type "GET...
Ошибка в Savant
При непоном GET-запросе сервер выдает содержимое CGI-приложения вместо его результата...
CVE-2000-0521
Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number...
Michael Lamont Savant Web Server 2.1 - CGI Source Code Disclosure
source: https://www.securityfocus.com/bid/1313/info Omitting the HTTP version from a "GET" request for a CGI script to the Savant Web Server discloses the source code of the script. telnet target 80 GET /cgi-bin/script.xyz HTTP/1.0 GET /cgi-bin/script.xyz...
Michael Lamont Savant Web Server 2.1 - CGI Source Code Disclosure
Michael Lamont Savant Web Server 2.1 - CGI Source Code Disclosure source: https://www.securityfocus.com/bid/1313/info Omitting the HTTP version from a "GET" request for a CGI script to the Savant Web Server discloses the source code of the script. telnet target 80 GET /cgi-bin/script.xyz HTTP/1.0...
CVE-1999-0854
Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file...
CVE-2000-0564
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter...
access.counter-4.0.7.txt
The popular CGI web page access counter version 4.0.7 by George Burgyan allows execution of arbitrary commands due to unchecked user input. Commands are executed with the same privilege as the web server. Of course, other exploits can be used to get root access on an unpatched OS. The counter...
Sambar Server /cgi-bin/mailit.pl Arbitrary Mail Relay
The Sambar web server is running and the 'mailit.pl' cgi is installed. This CGI takes a POST request from any host and sends a mail to a supplied address. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by Tenable: - Revised plugin title 4/2/2009 - Updated to use compat.inc, added CV...
Sambar Server /session/sendmail Arbitrary Mail Relay
The Sambar web server is running. It provides a web interface for sending emails. You may simply pass a POST request to /session/sendmail and by this send mails to anyone you want. Due to the fact that Sambar does not check HTTP referrers you do not need direct access to the server! %NASLMINLEVEL...
Banner.rotating
-- Banner rotating 01 -- -- Description: "Banner rotating 01" is a cgi script distributed for free on several site builder sites, including Hot Area. The script is available on http://www.hotarea.net/web/scripts/banner01/ The cgi script offers numerous functions for those wishing to manage rotati...
Banner Rotation 01
-- Banner rotating 01 -- -- Description: "Banner rotating 01" is a cgi script distributed for free on several site builder sites, including Hot Area. The script is available on http://www.hotarea.net/web/scripts/banner01/ The cgi script offers numerous functions for those wishing to manage rotati...
Vulnerability in CGI counter 4.0.7 by George Burgyan
I've found no mention of this vulnerability in Bugtraq or in the CVE nor have I been able to contact the author, so I'm posting here to give everyone the opportunity to protect themselves. This vulnerability is being actively exploited and has been reported to CERT. The popular CGI web page acces...
CVE-2000-0424
The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters...
George Burgyan CGI Counter 4.0.2/4.0.7 - Input Validation
source: https://www.securityfocus.com/bid/1202/info Due to unchecked code that handles user input in George Burgyan's CGI Counter, remote execution of arbitrary commands at the same privilege level as the web server it is running on is possible. Examples:...