EUVD-2004-2609

Malware in sbrugna...

Pegasi Web Server 0.2.2 Error Page XSS

No description provided by source. source: http://www.securityfocus.com/bid/9847/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scripting attack may...

Pegasi Web Server 0.2.2 Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/9847/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scripting attack may...

CVE-2004-2617

The connected records confirm a concrete vulnerability in Pegasi Web Server (PWS) version 0.2.2: a directory traversal flaw that allows remote attackers to read files outside the web root by crafting a URI containing a .. immediately after the leading '/'. The underlying issue is a failure to pro...

CVE-2004-2618

Pegasi Web Server (PWS) 0.2.2 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/'. The issue is tied to the URI path component and is documented across CVE-2004-2618/NVD; no speci...

CVE-2004-2617

Directory traversal vulnerability in Pegasi Web Server PWS 0.2.2 allows remote attackers to read files outside of the web root via a .. dot dot directly after the initial '/' slash in the URI...

CVE-2004-2618

Cross-site scripting XSS vulnerability in Pegasi Web Server PWS 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' slash...

CVE-2004-2617

Directory traversal vulnerability in Pegasi Web Server PWS 0.2.2 allows remote attackers to read files outside of the web root via a .. dot dot directly after the initial '/' slash in the URI...

CVE-2004-2618

Cross-site scripting XSS vulnerability in Pegasi Web Server PWS 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' slash...

Pegasi022.txt

Donato Ferrante Application: Pegasi Web Server PWS http://pws.sourceforge.net Version: 0.2.2 Bugs: Multiple Vulnerabilities Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description 2...

Pegasi Web Server 0.2.2 - Arbitrary File Access

Pegasi Web Server 0.2.2 - Arbitrary File Access source: https://www.securityfocus.com/bid/9847/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scriptin...

Pegasi Web Server 0.2.2 - Error Page Cross-Site Scripting

Pegasi Web Server 0.2.2 - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/9847/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-sit...

Multiple Pegasi Web Server bugs

Directory tracersal, crossite scripting...

Multiple Vulnerabilities in PWS 0.2.2

Donato Ferrante Application: Pegasi Web Server PWS http://pws.sourceforge.net Version: 0.2.2 Bugs: Multiple Vulnerabilities Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 1. Description 2...

Pegasi Web Server 0.2.2 - Arbitrary File Access

source: https://www.securityfocus.com/bid/9847/info Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scripting attack may make it possible for an attacker to...