Lucene search
K

1154 matches found

Cvelist
Cvelist
added 2005/09/07 4:0 a.m.18 views

CVE-2005-2813

Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" trailing null byte characters in the id parameter to the read mod in index.php...

6.7AI score0.07133EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2005/06/21 4:0 a.m.22 views

CVE-2002-1721

Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service crash via an x-header that causes snprintf overwrite the FFGETFILE variable with a null byte...

7.5CVSS6.3AI score0.02262EPSS
Exploits0
OSV
OSV
added 2005/06/17 4:0 a.m.8 views

CVE-2005-2008

Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 null...

7AI score
Exploits0References6
securityvulns
securityvulns
added 2005/04/30 12:0 a.m.27 views

еще один бажный скрипт в WebAPP v0.9.9.

Здравствуйте, . вот нашел еще новую узвимость в WebAPP v0.9.9.. Просмотр произвольных файлов в WebAPP Web Automated Perl Portal System v0.9.9. Software / Application - WebAPP v0.9.9. Problem-Type - удаленная Vulnerability - возможность чтения файлов и просмотр каталогов. Vendor -...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2005/04/03 12:0 a.m.26 views

ArGoSoft FTP Server <= 1.4.2.8 Denial of Service Exploit

No description provided by source. / ArGoSoft Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] [email protected] package : ArGoSoft 1.4.2.29 and prior advisory : packetstormsecurity.nl/0503-advisories/argosoftFTP1428.txt company address : argosoft.com the bug...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/03 12:0 a.m.38 views

ArGoSoft FTP Server 1.4.2.8 - Denial of Service

/ ArGoSoft Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] [email protected] package : ArGoSoft 1.4.2.29 and prior advisory : packetstormsecurity.nl/0503-advisories/argosoftFTP1428.txt company address : argosoft.com the bug was found by a mate and reported to...

7.4AI score
Exploits0
OSV
OSV
added 2005/03/01 5:0 a.m.4 views

DEBIAN-CVE-2004-1007

The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service application crash via mail headers that cause a line feed LF to be replaced by a null byte that is written to an incorrect memory address...

5CVSS6.8AI score0.01926EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.34 views

lighttpd < 1.3.8 Null Byte Request CGI Script Source Code Disclosure

According to its banner, the version of lighttpd running on the remote host is prior to 1.3.8. It is, therefore, affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this vulnerability, by requesting a CGI script that is appended by a '%00', to read...

5CVSS5.6AI score0.01716EPSS
Exploits0References2
NVD
NVD
added 2005/02/08 5:0 a.m.39 views

CVE-2004-0848

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after 1 "%00 null byte in .doc filenames or 2 "%0a" carriage return in .rtf filenames...

7.5CVSS7.7AI score0.27489EPSS
Exploits0References7
NVD
NVD
added 2005/01/10 5:0 a.m.15 views

CVE-2004-1123

Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service server crash via a DESCRIBE request with a location that contains a null byte...

5CVSS6.6AI score0.01287EPSS
Exploits1References2
NVD
NVD
added 2004/12/31 5:0 a.m.19 views

CVE-2004-2584

frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte "%00". NOTE: it is not clear whether this issue poses a vulnerability...

4CVSS6.2AI score0.01089EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2004/12/31 12:0 a.m.43 views

eboard40.txt

Hi, I found a vulnerability in eBoard ver. 4.0 which allows remote users to open any file on the system. I think all prior vers have the same problem. eBoard is a wwwboard-like CGI script. It's written by Mike Bagneski in Perl and for sale! $14.95. http://www.e-scripts.com/eboard/ It doesn't chec...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2004/12/05 5:0 a.m.18 views

CVE-2004-1123

Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service server crash via a DESCRIBE request with a location that contains a null byte...

9.1AI score0.01287EPSS
Exploits1References2
securityvulns
securityvulns
added 2004/12/04 12:0 a.m.35 views

[Full-Disclosure] iDEFENSE Security Advisory 12.03.2004: Apple Darwin Streaming Server DESCRIBE Null Byte Denial of Service Vulnerability

Apple Darwin Streaming Server DESCRIBE Null Byte Denial of Service Vulnerability iDEFENSE Security Advisory 12.03.2004 www.idefense.com/application/poi/display?id=159&type=vulnerabilities December 03, 2004 I. BACKGROUND Darwin Streaming Server is an open source version of Apple's QuickTime...

5CVSS0.1AI score0.01287EPSS
Exploits1
Exploit DB
Exploit DB
added 2004/09/26 12:0 a.m.33 views

bsd/PPC - execve /bin/sh 128 bytes

bsd/PPC execve /bin/sh 128 bytes. Shellcode exploit for bsdppc platform / Linux PPC shellcode execve of /bin/sh by Palante / long shellcode = / Palante's BSD PPC shellcode w/ NULL/ 0x7CC63278, 0x2F867FFF, 0x41BC005C, 0x7C6802A6, 0xB0C3FFF9, 0xB0C3FFF1, 0x38867FF0, 0x38A67FF4, 0x38E67FF3,...

Exploits0
Packet Storm
Packet Storm
added 2004/09/13 12:0 a.m.24 views

adv17.txt

+| Advisory 17. Search Engine & Directory by Turbo Seek Software: Search Engine & Directory Powered by Turbo Seek Vendor: FocalMedia.Net http://www.focalmedia.net Vulnerability: âîçìîæíîñòü ÷òåíèÿ ôàéëîâ Risk: ñðåäíèé Date: 10'Sept 2004 discovered by durito -duritoatmaildotru- HTTP: www.lwb57.org...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2004/09/13 12:0 a.m.21 views

Turbo Seek Null Byte Error Discloses Files to Remote Users

No description provided by source. Some demonstration exploit URLs are provided: /cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 /cgi-bin /tseekdir.cgi?id=799&location=/etc/passwd%00 milw0rm.com 2004-09-13...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2004/09/13 12:0 a.m.15 views

Turbo Seek - Null Byte Error Discloses Files

Turbo Seek - Null Byte Error Discloses Files Some demonstration exploit URLs are provided: /cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 /cgi-bin /tseekdir.cgi?id=799&location=/etc/passwd%00 milw0rm.com 2004-09-13...

0.1AI score
Exploits0
0day.today
0day.today
added 2004/09/13 12:0 a.m.71 views

Turbo Seek Null Byte Error Discloses Files to Remote Users

Exploit for cgi platform in category web applications ========================================================== Turbo Seek Null Byte Error Discloses Files to Remote Users ========================================================== Some demonstration exploit URLs are provided:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/13 12:0 a.m.122 views

Turbo Seek - Null Byte Error Discloses Files

Some demonstration exploit URLs are provided: /cgi-bin/cgi/tseekdir.cgi?location=/etc/passwd%00 /cgi-bin /tseekdir.cgi?id=799&location=/etc/passwd%00 milw0rm.com 2004-09-13...

7.4AI score
Exploits0
Rows per page
Query Builder