Lucene search

1114 matches found

Exploit DB
added 2002/11/08 12:0 a.m., 17 views

Perception LiteServe 2.0.1 - Directory Query String Cross-Site Scripting

source: https://www.securityfocus.com/bid/6143/info A cross site scripting vulnerability has been discovered in Perception LiteServe. It has been reported that LiteServe fails to sanitize query strings from indexed folders. It is possible for an attacker to exploit this issue by constructing a...

AI score: 7
Exploits: 0

exploitpack
added 2002/11/08 12:0 a.m., 10 views

Perception LiteServe 2.0.1 - Directory Query String Cross-Site Scripting

source: https://www.securityfocus.com/bid/6143/info A cross site scripting vulnerability has been discovered in Perception LiteServe. It has been reported that LiteServe fails to sanitize query strings from indexed folders. ...

AI score: 6.8
Exploits: 0

exploitpack
added 2002/09/03 12:0 a.m., 10 views

Super Site Searcher - Remote Command Execution

source: https://www.securityfocus.com/bid/5605/info Super Site Searcher is prone to remote command execution. Shell metacharacters are not adequately filtered from query string parameters in a request to the vulnerable search engine script. The...

AI score: 7.7
Exploits: 0

securityvulns
added 2002/09/02 12:0 a.m., 16 views

XSS in Null HTTPd

Null HTTPd is a simple HTTP server that runs on Win32/Unix systems. It is quite basic, but offers good CGI support. A vulnerability in Null HTTPd may allow cross-site scripting via a 404 page: http://localhost/a?x=SCRIPTalertdocument.URL/SCRIPT You have to place this in the query string so that i...

Exploits: 0

Packet Storm
added 2002/08/29 12:0 a.m., 29 views

omnihttpd.txt

A vulnerability exists in the test.php script of OmniHTTPd. The script makes a classic coding error -- trusting unsanitized user input. The query string and cookie values are returned unfiltered. Of most concern, of course, is the query string:...

AI score: 7.4
Exploits: 0

securityvulns
added 2002/08/26 12:0 a.m., 34 views

OmniHTTPd test.php Cross-Site Scripting Issue

A vulnerability exists in the test.php script of OmniHTTPd. The script makes a classic coding error -- trusting unsanitized user input. The query string and cookie values are returned unfiltered. Of most concern, of course, is the query string:...

Exploits: 0

CVE
added 2002/06/25 4:0 a.m., 157 views

CVE-2001-0731

CVE-2001-0731 affects Apache 1.3.20 when Multiviews is enabled. A remote attacker can cause a directory listing to be displayed (information disclosure) by crafting a request containing an M=D query string, bypassing normal index page behavior. Public advisories and scans consistently reference t...

CVSS: 5, AI score: 6.4, EPSS: 0.56756
Exploits: 0, References: 13, Affected Software: 1

Exploit DB
added 2001/03/19 12:0 a.m., 33 views

SWSoft ASPSeek 1.0 - 's.cgi' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/2492/info A buffer overflow in ASPSeek versions 1.0.0 through to 1.0.3 allows for arbitrary code execution with the privileges of the web server. The vulnerable script is s.cgi and the buffer overflow can be accessed by submitting an excessively long quer...

AI score: 7.4
Exploits: 0

Exploit DB
added 2001/01/18 12:0 a.m., 34 views

Mysql 3.22.x/3.23.x - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/2262/info MySQL is a widely used Open Source database tool. Versions of MySQL up to and including 3.23.30 are vulnerable to a buffer overflow attack. By supplying an excessively long string as an argument for a SELECT statement, it is possible for a...

AI score: 7.4
Exploits: 0

Cvelist
added 2000/06/15 4:0 a.m., 21 views

CVE-2000-0401

Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string...

AI score: 7.6, EPSS: 0.02398
Exploits: 0, References: 4

securityvulns
added 2000/05/05 12:0 a.m., 50 views

Alert: DNewsWeb buffer overflow

Cerberus Information Security Advisory CISADV000505 http://www.cerberus-infosec.co.uk/advisories.shtml Released : 5th May 2000 Name : DNewsweb Buffer Overflow Affected Systems : nix/Win32 Web Servers running Dnewsweb Issue : Attackers can remotely execute arbitrary code Author : Mark Litchfield...

AI score: 0.3
Exploits: 0

securityvulns
added 2000/05/03 12:0 a.m., 26 views

Buffer overflows in Skyline/SpinBox client

There are some buffer overflows in SpinBox/1.1 from the spinserver.conf. SpinBox is an SSI/cgi-tool used by advertisement companies, made by Skyline. Since this is closed source software, I can't post the sources. The buffer overflows are mostly in the query string strcat and strcpy instead of...

AI score: 0.6
Exploits: 0

Cvelist
added 1999/09/29 4:0 a.m., 17 views

CVE-1999-0178

Buffer overflow in the win-c-sample program win-c-sample.exe in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string...

AI score: 7.9, EPSS: 0.12455
Exploits: 0, References: 4

NVD
added 1997/07/15 4:0 a.m., 8 views

CVE-1999-0146

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file...

CVSS: 7.5, EPSS: 0.14663
Exploits: 0, References: 2