Bajie WebServer 0.78/0.90 - Remote Command Execution

source: https://www.securityfocus.com/bid/2388/info It is possible to execute arbitrary commands on a host running Bajie Webserver. A remote user can use Bajie's built-in upload feature to place malicious scripts on Bajie webservers. These uploaded scripts are placed in known destination...

CVE-2000-1112

Technical details about CVE-2000-1112 are not publicly available in the provided connected documents. The record describes Windows Media Player 7 skin-script execution, but no specifics on affected versions, root cause, exploit method, or fixes are included. Monitor for updates.

CVE-2000-1112

Microsoft Windows Media Player 7 executes scripts in custom skin .WMS files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability...

PHP Security Advisory - Apache Module bugs

Problems ========= 1 PHP supports a configuration mechanism that allows users to configure PHP directives on a per-directory basis. Under Apache, this is usually done using .htaccess files. Due to a bug in the Apache module version of PHP, remote 'malicious users' might be able to create a specia...

Дырка в TWIG webmail

Используя ошибку в проверке агрументов можно загрузить и выполнить собственный php3-скрипт...

Дырка в mh (rcvtty) под BSDi

rcvtty позволяет выполнение скрипта...

Security Bulletin (MS00-090)

Microsoft Security Bulletin MS00-090 - -------------------------------------- Patch Available for ".ASX Buffer Overrun" and ".WMS Script Execution" Vulnerabilities Originally posted: November 22, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities in...

/sbin/restore exploit (rh6.2)

Exploit for linux platform in category local exploits ============================= /sbin/restore exploit rh6.2 ============================= !/bin/sh /sbin/restore exploit for rh6.2 I did not find this weakness my self, all i did was writing this script and some more to make it automatic and eas...

Уявзвимость в IIS при обработке HTW (.htw URL script)

При обращении к .htw файлам URL может содержать скрипт. При выдаче дагностического сообщения URL не будет комментироваться, что позволяет выполнить скрипт в контексте сервера...

CVE-1999-0942

UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes...

Заткнуты дырки в IE (Scriptlet Rendering, IE Script)

Несколько дырок позволявших выполнять скрипты в контексте локальной машины и обращаться к локальным файлам...

Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass

Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass source: https://www.securityfocus.com/bid/954/info Firewall-1 includes the ability to alter script tags in HTML pages before passing them to the client's browser. This alteration invalidates the tag, rendering the script unexecutabl...

CVE-1999-0488

Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability...

CVE-1999-0268

MetaInfo MetaWeb web server allows users to upload, execute, and read scripts...