EUVD-2005-1801

Malware in sbrugna...

EUVD-2006-6872

Malware in sbrugna...

EUVD-2006-3376

Malware in sbrugna...

CGI::Session CGISESSID Cookie值目录遍历漏洞

BUGTRAQ ID: 30267 CGI::Session是一个Perl5库，可提供可靠易用的模块化会话管理系统。 CGI::Session没有充分的过滤CGISESSID cookie值便将其用在了File驱动中创建会话数据文件的文件名。如果远程攻击者在cookie值中注入了目录遍历序列，就会导致File驱动从配置的会话数据目录以外的任意文件读取会话数据。 仅在满足了所有以下条件的情况下才可以利用这个漏洞： 1 Web应用使用了CGI::Session中的File驱动管理会话。 2 Web应用部署于基于Windows的系统。 3...

CVE-2008-3023

Cross-site scripting XSS vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799...

Cross site scripting

Cross-site scripting XSS vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799...

CVE-2008-3023

Cross-site scripting XSS vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799...

CVE-2008-3023

Summary: CVE-2008-3023 is an XSS vulnerability in FreeStyle Wiki affecting 3.6.2 and earlier, and 3.6.3 dev3 and earlier, where Internet Explorer could execute arbitrary script via unspecified vectors. The condition is that IE-based rendering allows injected HTML/script, with impact described as ...

CVE-2006-6889

FreeStyle Wiki fswiki 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat...

CVE-2006-6889

CVE-2006-6889 affects FreeStyle Wiki (fswiki) 3.6.2 and earlier. The issue is that sensitive information (including passwords) is stored under the web root with insufficient access control, allowing remote attackers to obtain passwords by directly requesting config/user.dat. The provided document...

CVE-2006-6889

FreeStyle Wiki fswiki 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat...

FreeStyle Wiki <= 3.6.2 (user.dat) Password Disclosure Vulnerability

No description provided by source. fswiki 3.6.2 user.dat Password Disclosure Vulnerability = Affected Software: fswiki 3.6.2 = Download: http://keihanna.dl.sourceforge.jp/fswiki/20797/wiki362.zip = F0under: bd0rk = Greetings: str0ke, TheJT, SHiKaA, Lu7k +Exploit:...

FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure

fswiki 3.6.2 user.dat Password Disclosure Vulnerability = Affected Software: fswiki 3.6.2 = Download: http://keihanna.dl.sourceforge.jp/fswiki/20797/wiki362.zip = F0under: bd0rk = Greetings: str0ke, TheJT, SHiKaA, Lu7k +Exploit: http://target/fswikipath/config/user.dat The german Hacker bd0rk...

FreeStyle Wiki <= 3.6.2 (user.dat) Password Disclosure Vulnerability

Exploit for unknown platform in category web applications ==================================================================== FreeStyle Wiki Affected Software: fswiki 3.6.2 = F0under: bd0rk = Greetings: TheJT, SHiKaA, Lu7k +Exploit: http://target/fswikipath/config/user.dat 0day.today 2018-01-09...

CVE-2006-3380

Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause a denial of service CPU consumption by performing a diff between large, crafted pages that trigger the worst case...

CVE-2006-3380

Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause a denial of service CPU consumption by performing a diff between large, crafted pages that trigger the worst case...

CVE-2006-3380

CVE-2006-3380 affects FreeStyle Wiki before 3.6.2, where an algorithmic complexity vulnerability allows a remote attacker to cause a denial of service by diffing large, crafted pages to trigger worst-case behavior. The connected JVN entry and NVD record corroborate a DoS via CPU consumption, trig...

FreeStyle Wiki Arbitrary Command Injection Vulnerability

Secunia Advisory: SA16612 Release Date: 2005-08-30 Critical: Moderately critical Impact: System access Where: From remote Solution Status: Vendor Patch Software: FreeStyle Wiki 3.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. Description: A...

CVE-2005-1799

Cross-site scripting XSS vulnerability in FreeStyle Wiki 3.5.7 and WikiLite FSWikiLite .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2005-1799

CVE-2005-1799 describes a cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10. The provided records specify an XSS issue that lets an attacker inject arbitrary web script or HTML via unspecified vectors. The NVD entry lists a base CVSS v2 score of 4.3 (m...