26 matches found
EUVD-2000-0187
Malware in sbrugna...
EUVD-2000-1077
Malware in sbrugna...
alex heiphetz group ezshopper 2.0/3.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2109/info It is possible for a remote user to gain read access to various files that reside within the EZShopper directory. By requesting a specially crafted URL utilizing loadpage.cgi' application with a '/' appended,...
Alex Heiphetz Group EZShopper 3.0 - Remote Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/1014/info EZShopper is a perl-based E-Commerce software package offered by Alex Heiphetz Group, Inc. It is possible to remotely compromise a host due to a lack of checks on user input passed directly to the open call. Thi...
EZshopper- Directory Transversal (loadpage.cgi)
No description provided by source. Example: http://targethost/cgi-bin/loadpage.cgi?userid=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html milw0rm.com 2004-11-25...
ezshopper.txt
Product: EZshopper Versions: all URL: www.ahg.com Vulnerability: Directory Traversal Date: November 25, 2004 Discovered by: Zero X loadpage.cgi of EZshopper allows Directory Traversal Example: http://targethost/cgi-bin/loadpage.cgi?userid=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html - Zero X -...
[UNIX] AHG EZshopper loadpage.cgi Directory Traversal (.|./ Attack)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
EZshopper is still vulnerable against Directory Traversal.
Product: EZshopper Versions: all URL: www.ahg.com Vulnerability: Directory Traversal Date: November 25, 2004 Discovered by: Zero X [email protected] loadpage.cgi of EZshopper allows Directory Traversal Example:...
Alex Heiphetz Group eZshopper - loadpage.cgi Directory Traversal
Alex Heiphetz Group eZshopper - loadpage.cgi Directory Traversal Example: http://targethost/cgi-bin/loadpage.cgi?userid=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html milw0rm.com 2004-11-25...
Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal
Example: http://targethost/cgi-bin/loadpage.cgi?userid=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html milw0rm.com 2004-11-25...
EZshopper Directory Transversal in loadpage.cgi
Exploit for cgi platform in category web applications =============================================== EZshopper Directory Transversal in loadpage.cgi =============================================== Example: http://targethost/cgi-bin/loadpage.cgi?userid=id&file=.|./.|./.|./.|./.|./etc/passwd%00.ht...
CVE-2000-1092
loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter...
CVE-2000-1092
loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter...
CVE-2000-1092
CVE-2000-1092 affects EZshopper v3.0 and v2.0 where loadpage.cgi fails to properly validate the parameter; inserting a leading “/” can cause local file listing and reading of EZshopper data files. The root cause is insufficient input validation allowing directory traversal-like behavior, enablin...
NSFOCUS SA2000-09 : AHG EZshopper Loadpage.cgi File List Disclosure Vulnerability
NSFOCUS Security AdvisorySA2000-09 Topic: AHG EZshopper Loadpage.cgi File List Disclosure Vulnerability Release DateЈє Dec 13rd, 2000 CVE Candidate Numbers: CAN-2000-1092 Affected system: ================ Alex Heiphetz Group EZshopper v.3.0 for Unix Alex Heiphetz Group EZshopper v.2.0 for Unix...
alex heiphetz Group eZshopper 2.03.0 - Directory Traversal
alex heiphetz Group eZshopper 2.03.0 - Directory Traversal source: https://www.securityfocus.com/bid/2109/info It is possible for a remote user to gain read access to various files that reside within the EZShopper directory. By requesting a specially crafted URL utilizing loadpage.cgi' applicatio...
alex heiphetz Group eZshopper 2.0/3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2109/info It is possible for a remote user to gain read access to various files that reside within the EZShopper directory. By requesting a specially crafted URL utilizing loadpage.cgi' application with a '/' appended, EZShopper will disclose the contents...
CVE-2000-0187
EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. dot dot attack or execute commands via shell metacharacters...
CVE-2000-0188
EZShopper 3.0’s search.cgi is vulnerable to directory traversal and command injection. Remote attackers can read arbitrary files via a .. path and may execute shell commands through metacharacters. The Nessus entry also mentions directory traversal in loadpage.cgi and possible arbitrary command e...
CVE-2000-0187
EZShopper 3.0 contains directory traversal in loadpage.cgi (and related scripts per Nessus data) that allows remote attackers to read arbitrary files via .. traversal and may permit command execution via shell metacharacters. Affected component is EZShopper’s web CGI handling; root cause is impro...