47 matches found
Dispair 0.1/0.2 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5392/info Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open function. Remote attackers may potentially exploit this issue to execute arbitrary commands on the...
AWStats configdir parameter command execution
Added: 02/14/2006. CVE: CVE-2005-0116. BID: 12298. OSVDB: 13002. Background: AWStats is a web application for showing web, FTP, and mail server statistics. Problem: Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...
GlobalNoteScript 4.20 - Read.cgi Remote Command Execution
GlobalNoteScript 4.20 - Read.cgi Remote Command Execution source: https://www.securityfocus.com/bid/14148/info GlobalNoteScript is prone to a remote arbitrary command execution vulnerability. Reportedly, this issue arises when the user-specified 'file' URI parameter of the 'read.cgi' script is...
AWStats 5.x/6.x - 'Logfile' Remote Command Execution
source: https://www.securityfocus.com/bid/12572/info AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the user-specified 'logfile' URI parameter is supplied to th...
newsgrab -- directory traversal vulnerability
The newsgrab script creates files by using the names provided in the newsgroup messages in a perl open call. This is done without performing any security checks to prevent a directory traversal. A specially crafted newsgroup message could cause newsgrab to drop an attachment anywhere on the file...
CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution
CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution source: https://www.securityfocus.com/bid/1469/info Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machin...
WEBgais 1.0 - websendmail Remote Command Execution
source: https://www.securityfocus.com/bid/2077/info WEBgais is a package that provides a web interface to the "gais" Global Area Intelligent Search search engine tool. This package contains a vulnerable script, websendmail, which can be used to execute arbitrary commands on the server with the...