Lucene search
K

13 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2102/info A vulnerabiliy exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate email responses from web forms. An insecurely-structured call to the open function leads to a failure to properly filte...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Leif M. Wright everythingform.cgi 2.0 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2101/info An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool. The script fails to properly filter shell commands from user-supplied input to the 'config' field. As a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Leif M. Wright simplestguest.cgi 2.0 - Remote Command Execution Vulnerability

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2006/02/22 2:2 a.m.17 views

CVE-2006-0844

Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote attackers to bypass login authentication, probably by setting the blogAdmin cookie...

7.5CVSS6.8AI score0.0164EPSS
Exploits1References5
NVD
NVD
added 2006/02/22 2:2 a.m.31 views

CVE-2006-0843

Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password...

5CVSS6.6AI score0.01392EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/02/22 2:0 a.m.33 views

CVE-2006-0844

Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote attackers to bypass login authentication, probably by setting the blogAdmin cookie...

6.8AI score0.0164EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/02/22 2:0 a.m.28 views

CVE-2006-0843

Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password...

6.6AI score0.01392EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/02/22 2:0 a.m.32 views

CVE-2006-0845

Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname...

7AI score0.01265EPSS
Exploits1References4
securityvulns
securityvulns
added 2006/02/18 12:0 a.m.50 views

[SA18923] Leif M. Wright's Blog Multiple Vulnerabilities

TITLE: Leif M. Wright's Blog Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18923 VERIFY ADVISORY: http://secunia.com/advisories/18923/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access WHERE: From remote SOFTWARE: Leif M...

0.3AI score
Exploits0
CVE
CVE
added 2005/08/16 4:0 a.m.80 views

CVE-2004-2347

The CVE-2004-2347 entry applies to Leif M. Wright Web Blog (blog.cgi) versions 1.1 and 1.1.5. The vulnerability arises in the ViewFile request’s file parameter, where shell metacharacters (e.g., |) enable remote command execution. Impact is remote arbitrary commands executed with the web server u...

7.5CVSS7.7AI score0.09874EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.19 views

CVE-2004-2347

blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests...

7.5CVSS7.6AI score0.09874EPSS
Exploits1References6
Exploit DB
Exploit DB
added 2000/12/14 12:0 a.m.32 views

Leif M. Wright simplestguest.cgi 2.0 - Remote Command Execution

source: https://www.securityfocus.com/bid/2106/info A vulnerabiliy exists in Leif M. Wright's simplestguest.cgi, a script designed to coordinate guestbook submissions from website visitors. An insecure call to the open function leads to a failure to properly filter shell metacharacters from user...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/12/11 12:0 a.m.35 views

Leif M. Wright - 'ad.cgi' 1.0 Unchecked Input

source: https://www.securityfocus.com/bid/2103/info ad.cgi is an ad rotation script freely available, and written by Leif Wright. A problem exists in the script which may allow access to restricted resources. The problem occurs in the method in which the script checks input. Due to insufficent...

7AI score
Exploits0
Rows per page
Query Builder