Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9783 matches found

Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.87 views

CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution

The remote host appears to be using the CdomainFree 'whoisraw.cgi' script. This CGI script allows an attacker to view any file on the target computer, as well as to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

10CVSS6AI score0.12557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.35 views

Xylogics Annex Terminal Service ping CGI Program DoS

It was possible to crash the remote Annex terminal by connecting to the HTTP port, and requesting the '/ping' CGI script with an argument that is too long. For example: http://www.example.com/ping?query=AAAAA...AAAAA %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5CVSS5.5AI score0.01276EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.21 views

Miva htmlscript Traversal Arbitrary File Access

The 'htmlscript' cgi is installed. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the HTTP daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

5CVSS5.4AI score0.05853EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.63 views

WebGais webgais CGI Arbitrary Command Execution

The 'webgais' CGI is installed. This CGI may let an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10300;...

7.5CVSS5.5AI score0.08717EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.55 views

icat carbo.dll icatcommand Parameter Traversal Arbitrary File Access

The installed version of the 'icat' CGI allows a remote user to read arbitrary files on the remote target, because it fails to properly sanitize user-supplied input to the 'icatcommand' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5CVSS5.5AI score0.08052EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.134 views

NCDSA HTTPd nph-test-cgi Arbitrary Directory Listing

The remote web server contains the 'nph-test-cgi' test script, which is included by default with some web servers. The version of this script on the remote host fails to quote input to several environment variables, such as 'QUERYSTRING', before echoing it back as part of a shell script. An...

7.5CVSS5.6AI score0.26164EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.38 views

Multiple Vendor view_source CGI Traversal Arbitrary File Access

The 'viewsource' CGI is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from Carmichael Security Erik...

6.4CVSS5.7AI score0.06901EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.45 views

Sambar Server dumpenv.pl Information Disclosure

CGI script 'dumpenv.pl' is installed on the remote host. This CGI gives away too much information about the web server configuration, which will help an attacker. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

5CVSS5.5AI score0.01464EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.17 views

IRIX handler CGI Arbitrary Command Execution

The 'handler' cgi is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS5.8AI score0.10462EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.34 views

Multiple Vendor info2www CGI Arbitrary Command Execution

The 'info2www' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

7.5CVSS5.9AI score0.09446EPSS
Exploits1References2
Exploit DB
Exploit DBadded 1999/06/05 12:0 a.m.22 views

Omnicron OmniHTTPd 1.1/2.0 Alpha 1 - 'visiadmin.exe' Denial of Service

source: https://www.securityfocus.com/bid/1808/info OmniHTTPD is a web-server offered by Omnicron for the MS Windows platform. One of the CGI utilities it ships with and installs by default contains a bug that could, if exploited, lead to a denial of service condition on host it runs on. When the...

7.4AI score
Exploits0
NVD
NVDadded 1999/06/03 4:0 a.m.44 views

CVE-1999-1412

A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service crash via a flood of HTTP GET requests to CGI programs, which generates a large number of processes...

5CVSS6.2AI score0.35342EPSS
Exploits0References2
exploitpack
exploitpackadded 1999/06/03 12:0 a.m.28 views

Apple Mac OSX Server 10.0 - Overload

Apple Mac OSX Server 10.0 - Overload source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 1999/06/03 12:0 a.m.45 views

Apple Mac OSX Server 10.0 - Overload

source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GET request to a CGI script in a loo...

7.4AI score
Exploits0
NVD
NVDadded 1999/06/01 4:0 a.m.16 views

CVE-1999-1063

CDomain whoisraw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter...

10CVSS7.6AI score0.12557EPSS
Exploits1References3
exploitpack
exploitpackadded 1999/06/01 12:0 a.m.10 views

CdomainFree 2.4 - Remote Command Execution

CdomainFree 2.4 - Remote Command Execution source: https://www.securityfocus.com/bid/304/info A vulnerability in a CGI program part of CdomainFree allows remote malicious users to run any executable already existing to the machine. The vulnerability is in the whoisraw.cgi program. This CGI passes...

Exploits0
Exploit DB
Exploit DBadded 1999/06/01 12:0 a.m.24 views

CdomainFree 2.4 - Remote Command Execution

source: https://www.securityfocus.com/bid/304/info A vulnerability in a CGI program part of CdomainFree allows remote malicious users to run any executable already existing to the machine. The vulnerability is in the whoisraw.cgi program. This CGI passes user input to the shell without proper...

7.4AI score
Exploits0
NVD
NVDadded 1999/04/09 4:0 a.m.26 views

CVE-1999-0287

Vulnerability in the Wguest CGI program...

7.5CVSS6.6AI score0.06169EPSS
Exploits0References1
exploitpack
exploitpackadded 1999/04/09 12:0 a.m.15 views

WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access

WebCom datakommunikation Guestbook 0.1 - rguest.exe Arbitrary File Access source: https://www.securityfocus.com/bid/2024/info The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook undetermined at the time of writi...

0.5AI score
Exploits0
exploitpack
exploitpackadded 1999/04/09 12:0 a.m.15 views

WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access

WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access source: https://www.securityfocus.com/bid/2024/info The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook undetermined at the time of writi...

0.4AI score
Exploits0
Rows per page
Query Builder