EUVD-2002-1511

Malware in sbrugna...

msmmask.exe

The msmmask.exe CGI is installed. Some versions allow an attacker to read the source of any file in your webserver's directories by using the 'mask' parameter. OpenVAS Vulnerability Test $Id: msmmask.nasl 5786 2017-03-30 10:08:58Z cfi $ Description: msmmask.exe Authors: Michel Arboi Copyright:...

MondoSoft MondoSearch < 4.4.5156 'msmmask.exe' Source Disclosure Vulnerability - Active Check

MondoSoft MondoSearch is prone to a source code disclosure vulnerability. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2002-1528

CVE-2002-1528 concerns the MondoSearch product where the msmmask.exe CGI can disclose script source via the mask parameter. The vulnerability affects MondoSearch 4.4 and older builds, enabling an attacker to read files from the webserver’s directories, which is an information disclosure issue. Op...

CVE-2002-1528

MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter...

[Full-Disclosure] MondoSoft - Proxy through MsmHigh.exe

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - Proxy through MsmHigh.exe Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200401.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...

[Full-Disclosure] MondoSoft - User enumeration possible

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Topic: MondoSoft - User enumeration possible Application : MondoSearch versions prior to 5.1b Author: Uffe Nielsen uni at protego.dk Advisory URL: http://www.protego.dk/advisories/200404.html Vendor Name: MondoSoft Vendor URL: http://www.mondosoft.com...

[Full-Disclosure] MondoSoft File Creation vulnerability

PROTEGO Security Advisory PSA200302 Topic: MondoSoft File Creation vulnerability Application : MondoSearch 4.4, 5.0, and 5.1 Author: Jens H. Christensen jhc at protego.dk Advisory URL: http://www.protego.dk/advisories/200302.html Identifiers: CERT: VU 756556 Vendor Name: MondoSoft Vendor URL:...

CVE-2002-1528

MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter...

MondoSearch MsmMask.exe Arbitrary Script Source Disclosure

The msmmask.exe CGI is installed. Some versions allow an attacker to read the source of any file in your web server's directories by using the 'mask' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Affected: MondoSearch 4.4.5147 and below. MondoSearch 4.4.5156 and above are NOT...

MondoSearch show the source of all files

MondoSearch show the source of all files -------------------------------------------- Affected Program: MondoSearch 4.4 possibly earlier versions too, but not tested Vendor: http://www.mondosoft.com Vendor Status: not informed yet Discovery Date: 10 oct 2002 Problem ------- You can see the source...