406 matches found
QuickPHP <= 1.10.0 Remote Source Code Disclosure Vulnerability - Active Check
QuickPHP is prone to a remote source code disclosure vulnerability because it fails to properly sanitize user-supplied input. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051)
Exploit for windows platform in category dos / poc ================================================================= Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption MS10-051 ================================================================= Sources:...
Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation.
Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. Synopsis Enomaly ECP up to and including v3.0.4 is believed to contain an insecure silent update mechanism that could allow a remote attacker to execute arbitrary code as root, and to inject or modify VM workloads for...
CVE-2009-2351
Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header, a related issue to...
EZ-Blog SQLi Vulnerability (Mar 2009) - Active Check
EZ-Blog is prone to an SQL injection SQLi vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respectiv...
Neostrada Livebox Router Remote Network Down PoC Exploit
Exploit for unknown platform in category dos / poc ======================================================== Neostrada Livebox Router Remote Network Down PoC Exploit ======================================================== Neostrada Livebox Router Remote Network Down PoC Exploit Author: 0in aka...
Solaris 10 (x86) : 124673-20 (deprecated)
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 9.2.4, 10.0.2, 10.3.5, 10.3.6 and 12.1.1. Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful...
PT-2007-1146 · Oracle +1 · Oracle Weblogic Server +2
Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0.0 and 12.1.3.0.0 Description: The issue is related to the Oracle WebLogic Server component of Oracle Fusion Middleware, specifically the Web Services subcomponent. It is an easily exploitable...
Kaffeine: Buffer overflow
Background Kaffeine is a graphical front-end for the xine-lib multimedia library. Description Kaffeine uses an unchecked buffer when fetching remote RAM playlists via HTTP. Impact A remote attacker could entice a user to play a specially-crafted RAM playlist resulting in the execution of arbitrar...
WebHints remote command execution flaw
The remote version of the WebHints scripts is vulnerable to remote command execution flaw through the script SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...
Xeneo Web Server %A DoS Vulnerability
It was possible to crash the remote Xeneo web server by requesting a malformed URL ending with /%A or /% SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Argosoft HTTP GET Request Saturation Remote DoS
Binary data 2176.prm...
Cisco Security Advisory: Cisco CatOS Telnet, HTTP and SSH Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco CatOS Telnet, HTTP and SSH Vulnerability Revision 1.0 For Public Release 2004 June 9 at 1600 UTC GMT ---------------------------------------------------------------------- Contents Summary Affected Products Details Impac...
CVE-2003-1269
AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message...
CVE-2003-1270
AN HTTP 1.41e allows remote attackers to cause a denial of service borken pipe via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability...
XSS in Null HTTPd
Null HTTPd is a simple HTTP server that runs on Win32/Unix systems. It is quite basic, but offers good CGI support. A vulnerability in Null HTTPd may allow cross-site scripting via a 404 page: http://localhost/a?x=SCRIPTalertdocument.URL/SCRIPT You have to place this in the query string so that i...
CVE-2002-1078
Affects Abyss Web Server 1.0.3. The vulnerability allows remote attackers to trigger directory listing by sending an HTTP GET request that ends with a large sequence of / characters. The underlying cause is not detailed in the provided documents beyond the request construction; the impact is expo...
MacOS X SoftwareUpdate Vulnerability
---------------------------------------------------------------------------- MacOS X SoftwareUpdate Vulnerability. ---------------------------------------------------------------------------- Date: July 6, 2002 Version: MacOS 10.1.X and possibly 10.0.X Problem: MacOS X SoftwareUpdate connects to...
Microsoft SQL Server 2000 - 'SQLXML' Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication, one of which is via HTTP. SQLXML...
Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access (4)
source: https://www.securityfocus.com/bid/2936/info IOS is router firmware developed and distributed by Cisco Systems. IOS functions on numerous Cisco devices, including routers and switches. It is possible to gain full remote administrative access on devices using affected releases of IOS. By...