Lucene search
+L

133 matches found

securityvulns
securityvulns
added 2003/07/21 12:0 a.m.31 views

perl cgi.pm crossite scripting

Crossite scripting on startform function...

1.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/06/13 12:0 a.m.24 views

SSI & CSS execution in MakeBook 2.2

DownBload Security Research Lab Advisory ------------------------------------------------------------------------- Advisory name: SSI & CSS execution in MakeBook 2.2 Advisory number: 5 Application: MakeBook 2.2 CGI script Application author: Kristina Pfaff-Harris Source:...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2002/06/12 12:0 a.m.34 views

AlienForm2 CGI script: arbitrary file read/write

===================================================================== Vulnerable: AlienForm2 revision 1.5 Category: Perl/CGI coding errors Impact: Subject to file permissions, an attacker can read any file on the server, append arbitrary data to any existing file or write arbitrary data to new...

Exploits0
securityvulns
securityvulns
added 2001/06/28 12:0 a.m.49 views

Доступ к файлам, удаленное выполнение в gntasweb (anauthorized access)

Классические ошибки CGI на perl...

1.8AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2001/04/10 12:0 a.m.12 views

nph-maillist 3.03.5 - Arbitrary Code Execution

nph-maillist 3.03.5 - Arbitrary Code Execution source: https://www.securityfocus.com/bid/2563/info nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the...

0.4AI score
Exploits0
exploitdb
exploitdb
added 2001/04/10 12:0 a.m.28 views

nph-maillist 3.0/3.5 - Arbitrary Code Execution

source: https://www.securityfocus.com/bid/2563/info nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the subscription form, and then force a mailing which wil...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/01/07 12:0 a.m.25 views

eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution

eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...

0.9AI score
Exploits0
packetstorm
packetstorm
added 2000/12/07 12:0 a.m.30 views

SRADV00005.txt

================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/07 12:0 a.m.42 views

(SRADV00005) Remote command execution vulnerabilities in MailMan Webmail

================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2000/12/07 12:0 a.m.23 views

Дырки в mailman webmail

Классические дырки perl CGI при работе с файлами...

0.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/11/08 12:0 a.m.32 views

Дырки в YaBB search.pl

Классические ошибки Perl-CGI позволяют доступ к любому файлу и выполнение любых приложений...

0.5AI score
Exploits0References1
nessus
nessus
added 2000/04/26 12:0 a.m.70 views

BizDB bizdb-search.cgi Arbitrary Command Execution

BizDB is a web database integration product using Perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefore be made to execute commands at the privilege level of the web server. The variable is dbname, and if passed a semicolo...

10CVSS5.6AI score0.10625EPSS
Exploits1References2
nessus
nessus
added 1999/06/22 12:0 a.m.70 views

Web Server /cgi-bin Perl Interpreter Access

The 'Perl' CGI is installed and can be launched as a CGI. This is equivalent to giving a free shell to an attacker, with the http server privileges usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

10CVSS5.5AI score0.33392EPSS
Exploits0References1
Rows per page
Query Builder