1494 matches found
eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution
eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...
En: ubb hole
----- Original Message ----- From: tdf To: [email protected] Sent: Monday, November 20, 2000 2:46 PM Subject: ubb hole ----------------------------------------------------------------------------------- Ultimate Bulletin Board - Private forums security hole, by tdf [email protected]...
DCForum 1-6 - Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/1951/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. The script improperly validates user-supplied input, which allows the remote viewing of arbitrary files on the host which are...
iis-unicode.txt
Recently I received an email from Par Osterberg that directed my attention to a post in the Packetstorm forums: http://209.143.242.119/cgi-bin/cbmc/forums.cgi?authkey=anonymous&uname=anonymous&datopic=Windows&mesgcheck=defined&gum=474&editoron= An anonymous person posts that they can run arbitrar...
CVE-2000-0297
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables...
CVE-2000-0297
Allaire Forums 2.0.5 contains a vulnerability that allows remote attackers to bypass access restrictions to secure conferences by manipulating the rightAccessAllForums or rightModerateAllForums variables. The description does not specify affected versions beyond 2.0.5 and does not provide remedia...
Allaire Forums позволяет получить доступ к любой конференции
Пользователь может установить переменную rightAccessAllForums, которая позволяет получить доступ к любой конференции...
CVE-2000-0297
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables...
Allaire Security Bulletin (ASB00-06)
Allaire Security Bulletin ASB00-06 Patch Available for Allaire Forums 2.0.5 security issue. Originally Posted: April 3, 2000 Last Updated: April 3, 2000 Summary Allaire has recently been notified of a security issue in the Allaire Forums 2.0.5 software. This behavior allows users to view and post...
CVE-2000-0125
wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums...
CVE-2000-0125
wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums...
allaire.getfile.cfm.txt
Date: Thu, 11 Feb 1999 11:36:57 -0500 From: Cameron Childress To: [email protected] Subject: ACFUG List: Alert: Allaire Forums GetFile bug The problem outlined below seems to effect all Allaire Forums 2.0.x versions. Allaire has confirmed that the bug exists, and will be issuing a...
Allaire Forums 2.0.4 - Getfile
source: https://www.securityfocus.com/bid/229/info An Allaire Forums file "GetFile.cfm" in the root of the application directory allows anyone to access any file on the Forums server. This vulnerability affects Forums 2.0.4 and earlier. Type the URL...
Allaire Forums 2.0.4 - Getfile
Allaire Forums 2.0.4 - Getfile source: https://www.securityfocus.com/bid/229/info An Allaire Forums file "GetFile.cfm" in the root of the application directory allows anyone to access any file on the Forums server. This vulnerability affects Forums 2.0.4 and earlier. Type the URL...