615 matches found
CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
DEBIAN-CVE-2005-0508
Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue."...
eboard40.txt
Hi, I found a vulnerability in eBoard ver. 4.0 which allows remote users to open any file on the system. I think all prior vers have the same problem. eBoard is a wwwboard-like CGI script. It's written by Mike Bagneski in Perl and for sale! $14.95. http://www.e-scripts.com/eboard/ It doesn't chec...
phpBB 2.0.10 - Remote Command Execution (CGI)
!/usr/bin/perl wphpbb.cgi hack service: http://site/cgi-bin/wphpbb.cgi use CGI qw:standard; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"; $serv = $CGI-param"serv"; $dir = $CGI-param"dir"; $topic = $CGI-param"topic"; $cmd = $CGI-param"cmd"; print...
FreeBSD : ruby -- CGI DoS (171)
The following package needs to be updated: ruby-1.7.0 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgd656296b33ff11d9a9e70001020eed82.nasl. Disabled on 2011/10/02. (C) Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
Solaris 2.6 (x86) : 108130-05
OpenWindows 3.6x86: Font Server patch. Date this patch was last updated by Sun : Dec/18/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network Security, Inc. if !...
Solaris 2.5.1 (sparc) : 111840-01
SunOS 5.5.1: Buffer overflow in whodo via $TZ. Date this patch was last updated by Sun : Aug/15/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network Security, Inc. if !...
Solaris 7 (x86) : 108757-01
SunOS 5.7x86: /usr/lib/netsvc/yp/rpc.ypupdated patch. Date this patch was last updated by Sun : Mar/26/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network Security, Inc...
Solaris 7 (x86) : 108749-02
SunOS 5.7x86: /usr/lib/nfs/statd patch. Date this patch was last updated by Sun : Oct/03/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. (C) Tenable Network Security, Inc. if !...
CVE-2003-0424
The CVE-2003-0424 entry affects Apple QuickTime/Darwin Streaming Server prior to 4.1.3f. The vulnerability allows an attacker to disclose script source code by appending encoded characters (%20 space or %2e dot) to an HTTP request for a script (e.g., /view_broadcast.cgi). The issue is a Script So...
CC GuestBook cc_guestbook.pl Multiple Parameter XSS
The remote host is running cc_guestbook.pl, a guestbook written in Perl. This CGI is vulnerable to a cross-site scripting attack. An attacker may use this flaw to steal the cookies of your users. %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. Ref: From: "BrainRawt ." To:...
Bug in Eupload
Bug in Eupload ----------------- | By ZeroByte || [email protected] | | ICQ 98177781 | 1.1 - What is Eupload? Eupload is a web utility used to facilitate the update of web sites by means of CGI scripts. This tool allows the ascent of files to the servant by means of a web interface. The...
CGIscript.net - csSearch.cgi - Remote Code Execution (up to 17,000 sites vulnerable)
CGIscript.net - csSearch.cgi - Remote Code Execution up to 17,000 sites vulnerable --------------------------------------------------------------------- Name : csSearch.cgi - Remote Code Execution Date : March 25, 2002 Product : csSearch Version : 2.3 vulnerable Vuln Type : Access Validation Erro...
Problems with the scripts by Solution Scripts
!/possible/exploits/by/b0iler scripts from: http://solutionscripts.com don't take anything I say too seriously in this, as it is mostly guess work. Problems with the scripts by Solution Scripts solution script's powerlist script: It seems the author doesn't check for anything when removing user's...
Alibaba get32.exe Arbitrary Command Execution
The 'get32.exe' CGI script is installed on this machine. This CGI has a well known security flaw that allows an attacker to execute arbitrary commands on the remote system with the privileges of the HTTP daemon (typically root or nobody). %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc...