Lucene search
K

1528 matches found

securityvulns
securityvulns
added 2004/09/30 12:0 a.m.49 views

PHP File Upload Vulnerability POC

PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php = 5.0.1 Not Affected: Maybe some old Version of Php before 4.2.x Vulnerability Type: Possible write of a downloaded file in an arbitrary location...

7.1AI score
Exploits0
CERT
CERT
added 2004/08/16 12:0 a.m.48 views

Apple Safari fails to properly handle form data in HTTP redirects

Overview There is a vulnerability in the way Safari handles form data that may expose sensitive information when the forward/backward buttons are used. Description Apple Safari is a web browser available for the Mac OS X operating system. A vulnerability exists in the way Safari handles web form...

5CVSS5.9AI score0.01958EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.29 views

Mandrake Linux Security Advisory : php (MDKSA-2002:017)

Several flaws exist in various versions of PHP in the way it handles multipart/form-data POST requests, which are used for file uploads. The phpmimesplit function could be used by an attacker to execute arbitrary code on the server. This affects both PHP4 and PHP3. The authors have fixed this in...

7.5CVSS5.7AI score0.24256EPSS
Exploits0References2
Cvelist
Cvelist
added 2002/07/23 4:0 a.m.27 views

CVE-2002-0717

PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed...

7.9AI score0.1095EPSS
Exploits0References5
securityvulns
securityvulns
added 2002/07/22 12:0 a.m.32 views

Advisory 02/2002: PHP remote vulnerability

e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: Remote Compromise/DOS Vulnerability in PHP Release Date: 2002/07/22 Last Modified: 2002/07/22 Author: Stefan Esser [email protected] Application: PHP 4.2.0, 4.2.1 Severity: A vulnerability within the multipart/form-data handler...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.38 views

CVE-2002-0081

Buffer overflows in 1 phpmimesplit in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and 2 php3mimesplit in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when fileuploads is enabled...

7.4AI score0.24256EPSS
Exploits0References19
Exploit DB
Exploit DB
added 2002/03/25 12:0 a.m.34 views

DCShop Beta 1.0 - Form Manipulation

source: https://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setup by submitting attacker-supplied...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.9 views

Internet Explorer help

None None...

5.8AI score
Exploits0
Rows per page
Query Builder