Lucene search
+L

127 matches found

Prion
Prion
added 2007/03/16 8:19 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root...

4.3CVSS7.1AI score0.25617EPSS
Exploits0References7Affected Software2
Exploit DB
Exploit DB
added 2007/02/19 12:0 a.m.23 views

Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure

source: https://www.securityfocus.com/bid/22611/info Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables. An attacker can exploit these issue to obtain sensitive information that may aid in other...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/11/16 12:0 a.m.35 views

HTTP Upload Tool (download.php) Information Disclosure Vulnerability

Exploit for unknown platform in category web applications ==================================================================== HTTP Upload Tool download.php Information Disclosure Vulnerability ==================================================================== Target: HTTP Upload Tool For PHP 1...

7.1AI score
Exploits0
OSV
OSV
added 2006/09/13 10:7 p.m.11 views

CVE-2006-4743

WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for 1 404.php, 2 akismet.php, 3 archive.php, 4 archives.php, 5 attachment.php, 6 blogger.php, 7 comments.php, 8 comments-popup.php, 9 dotclear.php, 10 footer.php, 11 functions.php, 12...

5AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2006/05/29 4:2 p.m.31 views

CVE-2006-2563

The cURL library libcurl in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters...

2.1CVSS5.9AI score0.00408EPSS
Exploits1References2
Cvelist
Cvelist
added 2006/05/29 4:0 p.m.38 views

CVE-2006-2563

The cURL library libcurl in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters...

6.1AI score0.00408EPSS
Exploits1References13
exploitpack
exploitpack
added 2006/01/28 12:0 a.m.26 views

SHOUTcast 1.9.4 - File Request Leaked Format String

SHOUTcast 1.9.4 - File Request Leaked Format String / Shoutcast include include include include include include include include include include include define SHELLPORT 7000 define SHELLCOMMAND "unset HISTFILE; uname -a; id;" if 1 unsigned char shellcode = / bindshell 7000 Unknown /...

Exploits0
0day.today
0day.today
added 2006/01/28 12:0 a.m.30 views

SHOUTcast <= 1.9.4 File Request Format String Exploit (Leaked)

Exploit for linux platform in category remote exploits ============================================================== SHOUTcast include include include include include include include include include include include define SHELLPORT 7000 define SHELLCOMMAND "unset HISTFILE; uname -a; id;" if 1...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/01/28 12:0 a.m.29 views

SHOUTcast &lt;= 1.9.4 File Request Format String Exploit (Leaked)

No description provided by source. / Shoutcast = 1.9.4 exploit by crash-x Trys to upload the shellcode to a fixed address and execute it. This exploit was not written bei Simon 'Zodiac' Moser segfault.ch. / include stdio.h include stdlib.h include stdarg.h include string.h include sys/types.h...

7.1AI score
Exploits0
NVD
NVD
added 2005/12/31 5:0 a.m.21 views

CVE-2005-4703

Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto...

5CVSS6.1AI score0.25132EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2005/03/12 12:0 a.m.33 views

Active WebCam Webserver <= 5.5 Multiple Vulnerabilities (DoS, Path Disc)

The version of PY Software's Active WebCam web server running on the remote host is affected by multiple vulnerabilities: o Denial of Service Vulnerabilities. A request for a file on floppy drive may result in a dialog prompt, causing the service to cease until it is acknowledged by an...

5CVSS5.5AI score0.06882EPSS
Exploits4References7
CERT
CERT
added 2004/03/10 12:0 a.m.32 views

Microsoft MSN Messenger fails to properly validate file requests

Overview Microsoft MSN Messenger fails to properly validate file requests which could allow an attacker to view the contents of files on the victim's system. Description Microsoft MSN Messenger is an instant messaging application that allows users to collaborate with friends using text messages,...

5CVSS7.2AI score0.22467EPSS
Exploits0References3
exploitpack
exploitpack
added 2002/10/11 12:0 a.m.12 views

KDE 3.0.x - KPF Icon Option File Disclosure

KDE 3.0.x - KPF Icon Option File Disclosure source: https://www.securityfocus.com/bid/5951/info A vulnerability has been discovered in the kpf file sharing utility. KDE is available for the Linux operating system. It has been reported that by passing a malicious file request to kpf, it is possibl...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/11 12:0 a.m.48 views

KDE 3.0.x - KPF Icon Option File Disclosure

source: https://www.securityfocus.com/bid/5951/info A vulnerability has been discovered in the kpf file sharing utility. KDE is available for the Linux operating system. It has been reported that by passing a malicious file request to kpf, it is possible for a remote attacker to access files...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.20 views

CVE-2002-0894

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service crash via 1 a request for a long .jsp file, or 2 a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet...

6.7AI score0.03318EPSS
Exploits1References4
securityvulns
securityvulns
added 2001/11/14 12:0 a.m.34 views

Cgisecurity.com Advisory #6: thttpd and mini_http Permission bypass vuln

Hello, The vendor has already sent out notices and the patches can be found on the vendors homepage listed below. - [email protected] Cgi Security Advisory 6 [email protected] Thttpd and MiniHttpd Webserver Permission Bypass Found November 2001 Public Release November 2001 Vendor Contacted...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2001/06/26 12:0 a.m.12 views

Icecast 1.1.x1.3.x - Slash File Name Denial of Service

Icecast 1.1.x1.3.x - Slash File Name Denial of Service source: https://www.securityfocus.com/bid/2933/info Icecast is an open source audio-streaming server for both Unix and Microsoft Windows systems. Icecast does not sufficiently sanitize user-supplied input, or sanely handle unexpected input...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.17 views

CVE-2001-0264

Gene6 G6 FTP Server 2.0 aka BPFTP Server 2.10 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection...

6.3AI score0.02985EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2001/03/23 12:0 a.m.24 views

elron im Anti-Virus 3.0.3 - Directory Traversal

source: https://www.securityfocus.com/bid/2519/info Elron IM is a suite of tools providing internet filtering, virus protection, and other features. Certain non-current versions of products in the Internet Manager suite, including IM Anti-Virus, are vulnerable to directory traversal attacks. An...

7.4AI score
Exploits0
NVD
NVD
added 2001/02/16 5:0 a.m.22 views

CVE-2001-0031

BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist...

5CVSS6.4AI score0.01448EPSS
Exploits1References2
Rows per page
Query Builder