13 matches found
EUVD-2021-23292
Malware in sbrugna...
PT-2025-30679 · Wwbn · Avideo
Name of the Vulnerable Software and Affected Versions: WWBN AVideo version 14.4 WWBN AVideo dev master commit 8a8954ff Description: An incomplete blacklist in the .htaccess sample allows for arbitrary code execution via a specially crafted HTTP request. An attacker can request a .phar file to...
CVE-2023-1744
A vulnerability classified as critical was found in IBOS 4.5.5. This vulnerability affects unknown code of the component htaccess Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The...
CVE-2022-25277
Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference: SA-CORE-2019-010). However, the protections for these two vulnerabilities previously did...
GHSA-23GJ-X27G-R34F MODX Revolution allows overwriting .htaccess
In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess...
CVE-2017-16941
October CMS 1.0.428 and earlier is vulnerable because themes allow .htaccess usage, enabling remote authenticated users to execute arbitrary PHP by corrupting a theme ZIP downloaded from /backend/cms/themes and re-uploading it with a malicious .php and .htaccess. Root cause is failure to block .h...
Exploit for Use After Free in Apache Http_Server
Check for CVE-2017-9798 This small script check...
OLX: Server Version Of https://www.olx.ph/
I see a server version of your website that has link: https://www.olx.ph/.htaccess The impact of this vulnerability Consult Web References for more information. This is a proof. http://prnt.sc/dtsjmo -- jaypogzz...
PHP mbstring.func_overload web server denial of service
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server...
cPanel 10.9.1 XSS
Aria-Security Team cPanel 10.9.1 XSS /frontend/x/htaccess/changepro.html?protected=1&resname=XSSGOESHERE click on Go Back... Voila! Credits: Aria-Security Team http://aria-security.net http://outlaw.aria-security.info...
GLSA-200402-01 : PHP setting leaks from .htaccess files on virtual hosts
The remote host is affected by the vulnerability described in GLSA-200402-01 PHP setting leaks from .htaccess files on virtual hosts If the server configuration 'php.ini' file has 'register_globals = on' and a request is made to one virtual host which has 'php_admin_flag register_globals off' and the...
[SECURITY] [DSA-135-1] buffer overflow / DoS in libapache-mod-ssl
Debian Security Advisory DSA-135-1 [email protected] http://www.debian.org/security/ Robert van der Meulen July 2, 2002 Package : libapache-mod-ssl...
DSA-135 libapache-mod-ssl -- buffer overflow / DoS
Bulletin has no description...