26 matches found
EUVD-2008-0348
Malware in sbrugna...
EUVD-2007-3151
Malware in sbrugna...
EUVD-2013-7267
Malware in sbrugna...
EUVD-2020-21957
Malware in sbrugna...
CVE-2013-10047
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server = Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32,...
CVE-2013-10047
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server = Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32,...
CVE-2013-10047 MiniWeb <= Build 300 Arbitrary File Upload
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server = Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32,...
CVE-2013-10047
CVE-2013-10047 affects MiniWeb HTTP Server up to Build 300. An unrestricted file upload with path traversal lets unauthenticated remote attackers drop a .exe in System32 and a .mof in the WMI directory, enabling payload execution with SYSTEM privileges via WMI on Windows versions before Vista. Mu...
PT-2025-31684 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: MiniWeb HTTP Server versions prior to and including Build 300 Description: An unrestricted file upload vulnerability exists that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the uplo...
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service daemon crash via a long name for the first parameter in a POST request...
MiniWeb HTTP Server 0.8.19 Denial Of Service
!/usr/bin/perl use IO::Socket; Exploit Title: MiniWeb HTTP Server 0.8.19 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 24 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1935vpOZJPFJqnwTMPdkXTvoblA1SzBEK/view?usp=sharing Notification...
MiniWeb HTTP Server 0.8.1 Denial Of Service
!/usr/bin/perl use IO::Socket; Exploit Title: MiniWeb HTTP Server 0.8.1 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 19 january 2024 Vendor Homepage: N/A Download to demo: https://drive.google.com/file/d/1AVHSlsYj5Ukw9co9M2Ql6RsqCTzbI038/view?usp=sharing Notification...
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service daemon crash via a long name for the first parameter in a POST request...
Cross site request forgery (csrf)
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service daemon crash via a long name for the first parameter in a POST request...
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service daemon crash via a long name for the first parameter in a POST request...
MiniWeb HTTP Server 0.8.19 Buffer Overflow
Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...
MiniWeb (Build 300) Arbitrary File Upload
This module exploits a vulnerability in MiniWeb HTTP server build 300. The software contains a file upload vulnerability that allows an unauthenticated remote attacker to write arbitrary files to the file system. Code execution can be achieved by first uploading the payload to the remote machine ...
MiniWeb HTTP Server 300 - Crash (PoC)
MiniWeb HTTP server build 300, built on Feb 28 2013 by Stanley Huang http://sourceforge.net/projects/miniweb/files/miniweb/0.8/miniweb-win32-20130309.zip/download Heap corruption PoC - remote DoS Tested on Win7 SP1 RUS x dmnt 2013 import socket print 'Mini Web HTTP Server remote DoS exploit by...
Directory traversal
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a 1 .%2e partially encoded dot dot or 2 %2e%2e encoded dot dot in the URI...
CVE-2008-0338
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a 1 .%2e partially encoded dot dot or 2 %2e%2e encoded dot dot in the URI...