133 matches found
perl cgi.pm crossite scripting
Crossite scripting on startform function...
SSI & CSS execution in MakeBook 2.2
DownBload Security Research Lab Advisory ------------------------------------------------------------------------- Advisory name: SSI & CSS execution in MakeBook 2.2 Advisory number: 5 Application: MakeBook 2.2 CGI script Application author: Kristina Pfaff-Harris Source:...
AlienForm2 CGI script: arbitrary file read/write
===================================================================== Vulnerable: AlienForm2 revision 1.5 Category: Perl/CGI coding errors Impact: Subject to file permissions, an attacker can read any file on the server, append arbitrary data to any existing file or write arbitrary data to new...
Доступ к файлам, удаленное выполнение в gntasweb (anauthorized access)
Классические ошибки CGI на perl...
nph-maillist 3.03.5 - Arbitrary Code Execution
nph-maillist 3.03.5 - Arbitrary Code Execution source: https://www.securityfocus.com/bid/2563/info nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the...
nph-maillist 3.0/3.5 - Arbitrary Code Execution
source: https://www.securityfocus.com/bid/2563/info nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the subscription form, and then force a mailing which wil...
eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution
eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...
SRADV00005.txt
================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...
(SRADV00005) Remote command execution vulnerabilities in MailMan Webmail
================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...
Дырки в mailman webmail
Классические дырки perl CGI при работе с файлами...
Дырки в YaBB search.pl
Классические ошибки Perl-CGI позволяют доступ к любому файлу и выполнение любых приложений...
BizDB bizdb-search.cgi Arbitrary Command Execution
BizDB is a web database integration product using Perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefore be made to execute commands at the privilege level of the web server. The variable is dbname, and if passed a semicolo...
Web Server /cgi-bin Perl Interpreter Access
The 'Perl' CGI is installed and can be launched as a CGI. This is equivalent to giving a free shell to an attacker, with the http server privileges usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...