23 matches found
EUVD-2000-1095
Malware in sbrugna...
EUVD-2000-0673
Malware in sbrugna...
EUVD-2004-1439
Malware in sbrugna...
IBM Net.Data 7.0 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2017/info IBM Net.Data is a scripting language used to create web applications, it supports a wide range of language environments and is compatible with most recognized databases. Net.Data contains a vulnerability which...
CVE-2003-1282
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the 1 $DTWCURRENTFILENAME, 2 $DATABASE, 3 $LOGIN, 4 $PASSWORD, and possibly other predefined variables that can be echoed back to the user via a w...
CVE-2004-1442
Cross-site scripting XSS vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."...
CVE-2004-1442
Cross-site scripting XSS vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."...
IBM Net.Data db2www CGI interpreter fails to properly validate requested macro filenames
Overview IBM Net.Data fails to properly validate user input passed to the db2www CGI interpreter, which could allow an attacker to mount a cross-site scripting attack against a vulnerable system. Description IBM Net.Data is a scripting language used to create web applications. Net.Data macros are...
IBM Net.Data 7.07.2 - db2www Error Message Cross-Site Scripting
IBM Net.Data 7.07.2 - db2www Error Message Cross-Site Scripting source: https://www.securityfocus.com/bid/9488/info IBM Net.Data is prone to cross-site scripting attacks via error message output. This may permit a remote attack to create a link to a system hosting the software that includes...
IBM Net.Data crossite scripting
Crossite scripting in error messages...
IBM Net.Data 7.0/7.2 - db2www Error Message Cross-Site Scripting
source: https://www.securityfocus.com/bid/9488/info IBM Net.Data is prone to cross-site scripting attacks via error message output. This may permit a remote attack to create a link to a system hosting the software that includes embedded HTML and script code. This hostile code may be rendered in t...
[Full-Disclosure] Secunia Research: IBM Net.Data Macro Name Cross-Site Scripting Vulnerability
====================================================================== Secunia Research 26/01/2004 - IBM Net.Data Macro Name Cross-Site Scripting Vulnerability - ====================================================================== Receive Secunia Security Advisories for free:...
CVE-2000-1110
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program...
CVE-2000-1110
CVE-2000-1110 affects the IBM Net.Data db2www package: the document.d2w CGI program can be probed to reveal the web server’s physical path when a nonexistent command is sent. This is a path disclosure weakness, with partial impact on confidentiality reported (base score 5.0, MITRE ATT&CK not spec...
CVE-2000-1110
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program...
IBM Net.Data 7.0 - Full Path Disclosure
source: https://www.securityfocus.com/bid/2017/info IBM Net.Data is a scripting language used to create web applications, it supports a wide range of language environments and is compatible with most recognized databases. Net.Data contains a vulnerability which reveals server information...
IBM Net.Data 7.0 - Full Path Disclosure
IBM Net.Data 7.0 - Full Path Disclosure source: https://www.securityfocus.com/bid/2017/info IBM Net.Data is a scripting language used to create web applications, it supports a wide range of language environments and is compatible with most recognized databases. Net.Data contains a vulnerability...
Небольшая проблема в IBM Net.Data (path retrieval)
Можно мполучить информацию о физическом расположении файлов...
IBM Net.Data Local Path Disclosure Vulnerability?
Not sure if this is exactly a new issue or not, but IBM's Net.Data package often used in conjuction with NetCommerce3 and db2www will disclose the local path of server files if fed improper requests. This software is in use on a variety of sites, including several online-shopping locales. Example...
Дырка в IBM Net.Data
Классическое переполнение буфера в CGI db2www при обработке PATHINFO...