SUSE CVE-2007-6110
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...
CVE-2007-6110
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...
CVE-2007-6110
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter...
Debian DSA-080-1 : htdig - unauthorized gathering of data
Nergal reported a vulnerability in the htsearch program, which is distributed as part of the ht://Dig package, an indexing and searching system for small domains or intranets. With former versions it was possible to pass the parameter -c to the CGI program in order to use a different configuration...
CVE-2001-0834
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading...
CVE-2000-1191
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path...
CVE-2000-0208
The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks in parameters to htsearch...