3 matches found
CVE-2005-0085
Cross-site scripting XSS vulnerability in ht://dig htdig before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message...
[Full-Disclosure] [ GLSA 200502-16 ] ht://Dig: Cross-site scripting vulnerability
Gentoo Linux Security Advisory GLSA 200502-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
Mandrake Linux Security Advisory : htdig (MDKSA-2001:083)
A problem was discovered in the ht://Dig web indexing and searching program. Nergal reported a vulnerability in htsearch that allows a remote user to pass the -c parameter, to use a specific config file, to the htsearch program when running as a CGI. A malicious user could point to a file like...