13 matches found
Progress 3.1 Webspeed _CPYFile.P Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23634/info Progress WebSpeed is prone to a vulnerability that lets attackers gain unauthorized access to and execute administrative scripts. An attacker may leverage this issue to create and execute malicious WebSpeed cod...
Information disclosure
Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information...
CVE-2007-2354
Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information...
CVE-2007-2354
Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing "wsbroker1/webutil/about.r", which reveals the operating system and product information...
CVE-2007-2354
CVE-2007-2354 affects Progress Webspeed Messenger. The vulnerability arises from a WService parameter containing “wsbroker1/webutil/about.r” that can disclose operating system and product information to remote attackers, constituting an information-disclosure issue. The connected documents confir...
Code injection
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...
CVE-2007-2266
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...
CVE-2007-2266
Progress Webspeed Messenger is affected by a vulnerability where an attacker can remotely read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated through the save, editor options usin...
CVE-2007-2266
Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...
Progress Webspeed exploit for all releases
Because of a flaw in cpyfile.p which is a default installed file it is possible to gain full control of a machine running Progress Webspeed Messenger. You can access, change and edit allmost any file on the server running the Webspeed Messenger even when the workshop is disabled. First you have t...
webspeed-exec.txt
Because of a flaw in cpyfile.p which is a default installed file it is possible to gain full control of a machine running Progress Webspeed Messenger. You can access, change and edit allmost any file on the server running the Webspeed Messenger even when the workshop is disabled. First you have t...
Progress 3.1 - Webspeed _CPYFile.P Unauthorized Access
Progress 3.1 - Webspeed CPYFile.P Unauthorized Access source: https://www.securityfocus.com/bid/23634/info Progress WebSpeed is prone to a vulnerability that lets attackers gain unauthorized access to and execute administrative scripts. An attacker may leverage this issue to create and execute...
Progress 3.1 - Webspeed _CPYFile.P Unauthorized Access
source: https://www.securityfocus.com/bid/23634/info Progress WebSpeed is prone to a vulnerability that lets attackers gain unauthorized access to and execute administrative scripts. An attacker may leverage this issue to create and execute malicious WebSpeed code on the host running the webserve...