56 matches found
EUVD-2007-3317
Malware in sbrugna...
EUVD-2015-6410
Malware in sbrugna...
EUVD-2003-1092
Malware in sbrugna...
EUVD-2007-1472
Malware in sbrugna...
EUVD-2011-1032
Malware in sbrugna...
EUVD-2022-4608
Malicious code in bioql PyPI...
CVE-2002-2413
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name...
BIT-PHP-MIN-2024-4577 Argument Injection in PHP-CGI
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
Improper Input Validation in Mortbay Jetty
jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...
Directory traversal
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
CVE-2014-4650
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
JGI CMS 1.0 - Multiple Vulnerabilities
Exploit for php platform in category web applications JGI CMS 1.0 - Multiple Vulnerabilities 1---------------------------------- A Directory Traversal vulnerability has been discovered in the JCI CMS web-application. The vulnerability is located in the 'arquivo' parameter of thedl.php action GET...
Code injection
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
CVE-2015-6469
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
CVE-2015-6469
CVE-2015-6469 affects IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ where an interpreter misconfiguration allows remote disclosure of executable script source code. Affected products are web-based SCADA systems; attacker could obtain source code via unspecified vectors. ICS-CERT reports no patc...
CVE-2014-4650
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
Mandriva Update for python MDVSA-2011:096 (python)
Check for the Version of python OpenVAS Vulnerability Test Mandriva Update for python MDVSA-2011:096 python Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CVE-2011-1015
The iscgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / slash character at the beginning of the URI...
PSF-2011-1 CGI directory traversal (is_cgi() function)
The iscgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / slash character at the beginning of the URI...
CVE-2011-1015
The iscgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / slash character at the beginning of the URI...