1528 matches found
PHP File Upload Vulnerability POC
PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php = 5.0.1 Not Affected: Maybe some old Version of Php before 4.2.x Vulnerability Type: Possible write of a downloaded file in an arbitrary location...
Apple Safari fails to properly handle form data in HTTP redirects
Overview There is a vulnerability in the way Safari handles form data that may expose sensitive information when the forward/backward buttons are used. Description Apple Safari is a web browser available for the Mac OS X operating system. A vulnerability exists in the way Safari handles web form...
Mandrake Linux Security Advisory : php (MDKSA-2002:017)
Several flaws exist in various versions of PHP in the way it handles multipart/form-data POST requests, which are used for file uploads. The phpmimesplit function could be used by an attacker to execute arbitrary code on the server. This affects both PHP4 and PHP3. The authors have fixed this in...
CVE-2002-0717
PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed...
Advisory 02/2002: PHP remote vulnerability
e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: Remote Compromise/DOS Vulnerability in PHP Release Date: 2002/07/22 Last Modified: 2002/07/22 Author: Stefan Esser [email protected] Application: PHP 4.2.0, 4.2.1 Severity: A vulnerability within the multipart/form-data handler...
CVE-2002-0081
Buffer overflows in 1 phpmimesplit in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and 2 php3mimesplit in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when fileuploads is enabled...
DCShop Beta 1.0 - Form Manipulation
source: https://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setup by submitting attacker-supplied...
Internet Explorer help
None None...