Lucene search

296 matches found

securityvulns
added 2002/07/13 12:0 a.m., 64 views

Three BadBlue Vulnerabilities

Advisory: Working Resources BadBlue Multiple Vulnerabilities Issue: Three vulnerabilities; a denial of service, an insecurity in password storage, and a file disclosure vulnerability that could allow viewing of the password file. Risk: Critical SecurityFocus: "Working Resources BadBlue Invalid Ge...

0.4 AI score
Exploits: 0
Cvelist
added 2002/06/11 4:0 a.m., 15 views

CVE-2002-0433

Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" wildcard or asterisk character...

6.7 AI score, 0.02302 EPSS
Exploits: 0, References: 3
Cvelist
added 2002/05/03 4:0 a.m., 30 views

CVE-2001-1298

Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...

6.9 AI score, 0.01481 EPSS
Exploits: 0, References: 3
exploitpack
added 2002/03/26 12:0 a.m., 15 views

CSSearch 2.3 - Remote Command Execution

CSSearch 2.3 - Remote Command Execution source: https://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to...

7.7 AI score
Exploits: 0
CERT
added 2002/01/14 12:0 a.m., 16 views

Cisco SN 5420 Storage Router vulnerable to DoS via HTTP request containing long headers

Overview It is possible to cause a denial of service of the Cisco SN 5420 Storage Router by sending a HTTP request with a large header. Description A vulnerability has been discovered in the Cisco SN 5420 Storage Router software versions 1.15 and earlier. By sending an HTTP request with a huge...

7.1 AI score
Exploits: 0, References: 2
NVD
added 2001/10/02 4:0 a.m., 18 views

CVE-2001-1052

Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...

7.5 CVSS, 6.9 AI score, 0.01571 EPSS
Exploits: 0, References: 3
Cvelist
added 2001/09/12 4:0 a.m., 14 views

CVE-1999-1417

Format string vulnerability in AnswerBook2 AB2 web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged...

7.7 AI score, 0.0189 EPSS
Exploits: 0, References: 2
NVD
added 2001/05/03 4:0 a.m., 12 views

CVE-2001-0275

Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request...

2.1 CVSS, 7.5 AI score, 0.00753 EPSS
Exploits: 1, References: 1
exploitpack
added 2001/04/16 12:0 a.m., 13 views

Microsoft ISA Server 2000 Web Proxy - Denial of Service

Microsoft ISA Server 2000 Web Proxy - Denial of Service // source: https://www.securityfocus.com/bid/2600/info It is possible for a user to cause the Web Proxy service on a host running MS ISA Server to stop responding. If a HTTP request with an unusually long path is submitted, the Web Proxy...

7.3 AI score
Exploits: 0
Exploit DB
added 2001/04/16 12:0 a.m., 20 views

Microsoft ISA Server 2000 Web Proxy - Denial of Service

// source: https://www.securityfocus.com/bid/2600/info It is possible for a user to cause the Web Proxy service on a host running MS ISA Server to stop responding. If a HTTP request with an unusually long path is submitted, the Web Proxy service could stop responding. This vulnerability is only...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2001/04/16 12:0 a.m., 53 views

Oracle Application Server ndwfn4.so HTTP Request Remote Overflow

It may be possible to make a web server execute arbitrary code by sending it a too long url starting with /jsp/ For example: GET /jsp/AAAA.....AAAAA C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10654; scriptversion"1.27"; scriptcvsdate"Date: 2018/07/16 14:09:13";...

7.5 CVSS, 5.9 AI score, 0.24449 EPSS
Exploits: 1, References: 1
exploitpack
added 2001/01/27 12:0 a.m., 18 views

Cisco (Multiple Products) - Automated Tool

Cisco Multiple Products - Automated Tool !/usr/bin/perl Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl is a PERL script which automates several attacks against various Cisco products. To be specific: 12-13-00 - Cisco Catalyst ssh Protocol Mismatch DoS...

0.2 AI score
Exploits: 0
0day.today
added 2001/01/27 12:0 a.m., 28 views

Cisco Multiple Products Automated Exploit Tool

Exploit for hardware platform in category dos / poc ============================================== Cisco Multiple Products Automated Exploit Tool ============================================== !/usr/bin/perl Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl i...

7 AI score
Exploits: 0
Cvelist
added 2000/12/19 5:0 a.m., 17 views

CVE-2000-1114

Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20"...

6.9 AI score, 0.02915 EPSS
Exploits: 1, References: 2
Cvelist
added 2000/11/29 5:0 a.m., 26 views

CVE-2000-0939

Samba Web Administration Tool SWAT in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart...

6.6 AI score, 0.01505 EPSS
Exploits: 1, References: 2
Exploit DB
added 1997/11/08 12:0 a.m., 46 views

iCat Electronic Commerce Suite 3.0 - File Disclosure

source: https://www.securityfocus.com/bid/2126/info iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the...

7.4 AI score
Exploits: 0