HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the KJ-HTTP process. An attacker can cause the system to interpret a negative Content-Length value as an extremely large unsigned value by sending specially crafted HTTP requests or responses, potentially...

Memory corruption

An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption...

Endian Firewall Proxy Password Change Command Execution (CVE-2015-5082)

A command injection vulnerability has been reported in Endian Firewall. The vulnerability is due to an input validation error in a CGI script. A remote, authenticated attacker can exploit this vulnerability by sending crafted HTTP requests to the target. Successful exploitation could lead to remo...

PHP 4.x SafeMode Arbitrary File Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, and...

PHP Safe Mode mail Function 5th Parameter Arbitrary Command Execution

The remote host is running PHP 4.0.5. There is a flaw in this version of PHP that allows local users to circumvent the safe mode and to gain the UID of the HTTP process. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. References: Date: Fri, 23 Aug 2002 09:30:40 +0200 CEST From: "Wojciech...

PHP 4.x - SafeMode Arbitrary File Execution

source: https://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, and potentially unauthorized access to...