CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2009/12/31 7:30 p.m.•10 views

CVE-2009-4529

InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs...

5CVSS6.7AI score0.00591EPSS

Exploits1References8

Prion•added 2009/12/31 7:30 p.m.•8 views

Code injection

5CVSS7.2AI score0.00591EPSS

Exploits1References8Affected Software1

Cvelist•added 2009/12/31 7:0 p.m.•19 views

CVE-2009-4529

6.7AI score0.00591EPSS

Exploits1References8

CVE•added 2009/12/31 7:0 p.m.•46 views

CVE-2009-4529

NaviCOPA Web Server (3.0.1.2 and earlier) is affected by CVE-2009-4529. A trailing encoded space in a request URI (e.g., /index.html%20 or /index.php%20) can disclose the server-side source code of pages/CGIs to a remote attacker. Affected product is NaviCOPA Web Server; root cause is improper ha...

5CVSS6.7AI score0.00591EPSS

Exploits1References8Affected Software1

NVD•added 2009/10/09 2:30 p.m.•11 views

CVE-2009-3646

InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...

5CVSS6.7AI score0.03286EPSS

Exploits1References4

Cvelist•added 2009/10/09 2:18 p.m.•14 views

CVE-2009-3646

InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...

6.7AI score0.03286EPSS

Exploits1References4

Prion•added 2007/04/27 4:19 p.m.•17 views

Design/Logic Flaw

Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 20070323 allows remote attackers to cause a denial of service daemon crash via crafted HTTP requests, as demonstrated by long requests containing '\A' characters, probably a different issue than CVE-2006-5112 and CVE-2007-1733...

7.8CVSS6.6AI score0.82279EPSS

Exploits4References3Affected Software1

Prion•added 2007/03/28 10:19 p.m.•20 views

Buffer overflow

Buffer overflow in InterVations NaviCOPA HTTP Server 2.01 allows remote attackers to execute arbitrary code via a long 1 /cgi-bin/ or 2 /cgi/ pathname in an HTTP GET request, probably a different issue than CVE-2006-5112...

10CVSS8AI score0.82279EPSS

Exploits4References9Affected Software1

NVD•added 2007/03/28 10:19 p.m.•13 views

CVE-2007-1733

10CVSS7.6AI score0.31281EPSS

Exploits0References9

CVE•added 2007/03/28 10:0 p.m.•42 views

CVE-2007-1733

CVE-2007-1733 affects InterVations NaviCOPA Web/HTTP Server 2.01. The vulnerability is a buffer overflow in handling a long URL path in an HTTP GET request (notably /cgi-bin/ or /cgi/), which could allow remote code execution. Connected sources corroborate a public-facing overflow and link to PoC...

10CVSS7.6AI score0.31281EPSS

Exploits0References9Affected Software1

CVE•added 2006/10/02 8:0 p.m.•46 views

CVE-2006-5112

CVE-2006-5112 reflects a buffer overflow in the NaviCOPA Web Server 2.01 caused by handling of long HTTP GET requests, enabling remote code execution. Connected sources confirm a public proof-of-concept/exploit vector: a Metasploit module named navicopa_get_overflow (and related exploit reference...

7.5CVSS7.7AI score0.82279EPSS

Exploits4References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by