Mailtraq 2.2 - Browse.asp Cross-Site Scripting
source: https://www.securityfocus.com/bid/7813/info Mailtraq is vulnerable to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of HTTP requests to the vulnerable Mailtraq server. An attacker can exploit this...
Mailtraq 2.2 - Webmail Utility Full Path Disclosure
source: https://www.securityfocus.com/bid/7815/info A vulnerability has been reported for Mailtraq that may result in the disclosure of path information. The vulnerability exists due to insufficient sanitization of HTTP requests. Specifically, a request for non-existent resources will result in a...
Webchat 2.0 Module - Full Path Disclosure
source: https://www.securityfocus.com/bid/7774/info Webchat has been reported prone to a path disclosure weakness. Reportedly an attacker may make a malicious HTTP request for several Webchat PHP scripts to trigger the condition. Under some circumstances the request will trigger an exception,...
Webfroot Shoutbox < 2.32 (Apache) Remote Exploit
No description provided by source. !/usr/bin/perl Webfroot Shoutbox 2.32 on apache exploit use IO::Socket; my $host = "127.0.0.1"; my $port = 80; my $shoutbox = "shoutbox.php?conf="; my $shoutboxpath = "/shoutbox"; my $cmd = "ls -l"; my $conn; my $type; my @logs = "/etc/httpd/logs/acceslog",...
CVE-2003-0338
Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests...
CVE-2003-0338
CVE-2003-0338 describes a directory traversal vulnerability in the WsMp3 daemon (WsMp3d) versions up to 0.0.10. The issue allows a remote attacker to read and execute arbitrary files via .. sequences in HTTP GET or POST requests. The vulnerability affects WsMp3d as a web server component that han...
CVE-2003-0339
Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests...
CUPS 1.1.x - Cupsd Request Method Denial of Service
source: https://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to...
CUPS 1.1.x - Cupsd Request Method Denial of Service
source: https://www.securityfocus.com/bid/7637/info The cupsd has been reported prone to a denial of service vulnerability. Reportedly the cupsd does not adequately apply a time-out process for malicious HTTP requests and service is denied to subsequent cupsd requests. This issue may be exploited...
Snowblind Web Server 1.01.1 - GET Buffer Overflow
source: https://www.securityfocus.com/bid/7619/info Snowblind Web Server has been reported prone to a buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP requests of excessive length. Although...
Snowblind Web Server 1.0/1.1 - GET Buffer Overflow
source: https://www.securityfocus.com/bid/7619/info Snowblind Web Server has been reported prone to a buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP requests of excessive length. Although unconfirmed, this vulnerability may be exploited to...
Pi3Web 2.0.1 Denial of Service - Proof of Concept
No description provided by source. Pi3Web 2.0.1 DoS - Pr00f of concept. Vulnerable systems: Pi3Web 2.0.1 maybe others Vendor: www.johnroy.com/pi3 - http://pi3web.sourceforge.net/ Patch: no yet. Info: Pi3Web Server is vulnerable to a denial of Service. when a malformed HTTP Request is done the...
MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow
source: https://www.securityfocus.com/bid/7479/info A buffer overflow vulnerability has been reported for MDG Web Server. The vulnerability exists when the web server attempts to process overly long HTTP requests. Specifically, when the web...
MDG Web Server 4D 3.6 - HTTP Command Buffer Overflow
source: https://www.securityfocus.com/bid/7479/info A buffer overflow vulnerability has been reported for MDG Web Server. The vulnerability exists when the web server attempts to process overly long HTTP requests. Specifically, when the web server processes a malformed HTTP request of excessiv...
Alt-N WebAdmin 2.0.x - Remote File Viewing
source: https://www.securityfocus.com/bid/7438/info Alt-N WebAdmin allows a remote user to access files that they should not be able to access. The remote user can submit an HTTP request that will return the contents of any webserver-readable file on the...
VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/7428/info A denial of service vulnerability has been discovered in VisNetic ActiveDefense. The problem occurs when multiple HTTP requests are subsequently made to a server,...
VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/7428/info A denial of service vulnerability has been discovered in VisNetic ActiveDefense. The problem occurs when multiple HTTP requests are subsequently made to a server, containing a specific amount of data. After processing these requests, the affecte...
Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/7410/info Xeneo web server has been reported prone to an undisclosed buffer overflow vulnerability. It has been reported that a specifically crafted HTTP request containing malicious HTTP header information will trigger this condition. Although...
RealNetworks Helix Universal Server vulnerable to buffer overflow when sent two simultaneous HTTP requests containing a long string of characters
Overview The RealNetworks' Helix Universal Server supports delivery of several different media types over the Internet. Vulnerabilities have been discovered in the way it handles some requests from the network. These vulnerabilities could allow a remote attacker to execute arbitrary code on...
CVE-2002-0543
Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request...