Lucene search
K

1518 matches found

ATTACKERKB
ATTACKERKB
added 2006/03/30 10:2 p.m.138 views

CVE-2006-1547

ActionForm in Apache Software Foundation ASF Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to...

7.8CVSS7.2AI score0.54635EPSS
In wildExploits1References10
Cvelist
Cvelist
added 2006/03/30 10:0 p.m.35 views

CVE-2006-1547

ActionForm in Apache Software Foundation ASF Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to...

8.9AI score0.54635EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2006/03/30 10:0 p.m.11 views

CVE-2006-1547

ActionForm in Apache Software Foundation ASF Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to...

6.7AI score0.54635EPSS
Exploits1References9
seebug.org
seebug.org
added 2006/01/24 12:0 a.m.22 views

creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit

No description provided by source. !/usr/bin/perl creLoaded = 6.15 HTMLAREA automated perl exploit hacked up by kaneda [email protected] Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. C...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2005/12/19 5:29 p.m.7 views

security flaw

The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when registerglobals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field...

7.5CVSS6.9AI score0.65512EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/11/16 7:37 a.m.22 views

CVE-2003-1280

Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. dot dot in multipart/form-data uploads...

6.8AI score0.0164EPSS
Exploits0References3
CVE
CVE
added 2005/11/16 7:37 a.m.45 views

CVE-2003-1280

CVE-2003-1280: A directory traversal flaw in cgihtml 1.69 enables remote attackers to overwrite or create arbitrary files via .. in multipart/form-data uploads. Connected Red Hat/CVE records reiterate the same vulnerability details. The available documents do not provide a remediation or patch ve...

5CVSS7.2AI score0.0164EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/11/15 12:0 a.m.230 views

RHEL 3 / 4 : php (RHSA-2005:831)

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

7.5CVSS7.4AI score0.65512EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.26 views

PHP < 4.1.2 POST File Uploads Vulnerabilities - Active Check

There are several flaws in how PHP handles multipart/form-data POST requests, any one of which can allow an attacker to gain remote access to the system. SPDX-FileCopyrightText: 2002 Thomas Reinke Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.5CVSS6.7AI score0.24256EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2005/11/01 12:47 p.m.44 views

CVE-2005-3390

The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when registerglobals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field...

7.5CVSS6.8AI score0.65512EPSS
Exploits0References2
securityvulns
securityvulns
added 2004/09/30 12:0 a.m.49 views

PHP File Upload Vulnerability POC

PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php = 5.0.1 Not Affected: Maybe some old Version of Php before 4.2.x Vulnerability Type: Possible write of a downloaded file in an arbitrary location...

7.1AI score
Exploits0
CERT
CERT
added 2004/08/16 12:0 a.m.48 views

Apple Safari fails to properly handle form data in HTTP redirects

Overview There is a vulnerability in the way Safari handles form data that may expose sensitive information when the forward/backward buttons are used. Description Apple Safari is a web browser available for the Mac OS X operating system. A vulnerability exists in the way Safari handles web form...

5CVSS5.9AI score0.01958EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.28 views

Mandrake Linux Security Advisory : php (MDKSA-2002:017)

Several flaws exist in various versions of PHP in the way it handles multipart/form-data POST requests, which are used for file uploads. The phpmimesplit function could be used by an attacker to execute arbitrary code on the server. This affects both PHP4 and PHP3. The authors have fixed this in...

7.5CVSS5.7AI score0.24256EPSS
Exploits0References2
Cvelist
Cvelist
added 2002/07/23 4:0 a.m.26 views

CVE-2002-0717

PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed...

7.9AI score0.1095EPSS
Exploits0References5
securityvulns
securityvulns
added 2002/07/22 12:0 a.m.32 views

Advisory 02/2002: PHP remote vulnerability

e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: Remote Compromise/DOS Vulnerability in PHP Release Date: 2002/07/22 Last Modified: 2002/07/22 Author: Stefan Esser [email protected] Application: PHP 4.2.0, 4.2.1 Severity: A vulnerability within the multipart/form-data handler...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.37 views

CVE-2002-0081

Buffer overflows in 1 phpmimesplit in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and 2 php3mimesplit in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when fileuploads is enabled...

7.4AI score0.24256EPSS
Exploits0References19
Exploit DB
Exploit DB
added 2002/03/25 12:0 a.m.33 views

DCShop Beta 1.0 - Form Manipulation

source: https://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setup by submitting attacker-supplied...

7.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.8 views

Internet Explorer help

None None...

5.8AI score
Exploits0
Rows per page
Query Builder