669 matches found
CVE-2001-1075
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file...
Phorum Discussion Board Security Bug (Email Disclosure)
Concerning latest Phorum version 3.3.2 A bug in the PHP based forum script Phorum makes it possible to obtain the email addresses of the 10 most active users. In the 'admin/' directory of the forum there is a script called 'stats.php' that allows administrators and anyone else, since there is no...
Add2it Mailman command execution
!/exploit/by/b0iler Add2it Mailman Free V1.73 script url: http://www.add2it.com/scripts/mailman-free.shtml The problem is that the script does not filter input well: $command = $ENV'QUERYSTRING'; $list, $email = split/=/,$command; and then the script makes an open call based on input from the use...
Получение оглавления каталога в Tarantella Enterprise (information leakage)
Скрипт ttawebtop.cgi дает возможность получить листинг...
zml.cgi Directory Traversal
ZML.cgi is vulnerable to a directory traversal attack. It enables a remote attacker to view any file on the computer with the privileges of the cgi/httpd user. %NASLMINLEVEL 70300 This script was written by Drew Hintz http://guh.nu It is based on scripts written by Renaud Deraison and HD Moore Se...
CVE-2001-0795
Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as 1 upper case letters or 2 8.3 file names...
CVE-2001-1234
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable...
CVE-2001-1296
More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...
advisory
------------ advisory ------------ name: eshop Online-Shop System author: WEBDISCOUNT, Inh. Michael Boehme Problem: Script doesnt check for symbol ";". any user can execute any nix commands on webserver. exploit: host/cgi-bin/eshop.pl?seite=;ls| ex...
Beck GmbH IPC@Chip does not adequately validate user input thereby disclosing sensitive network data via crafted URL
Overview An insecure default configuration in the Beck IPC@CHIP allows an intruder to obtain priviledged system information. Description The Beck IPC@CHIP is a single chip embedded webserver. The Beck IPC@CHIP ships with a cgi script named "ChipCfg". Using a specially crafted url, an attacker can...
CVE-1999-1536
The CVE-1999-1536 entry concerns AcuShop Salesbuilder where the .sbstart startup script is world-writable. This allows local users to escalate privileges by appending commands to the file, leading to complete compromise of confidentiality, integrity, and availability for affected contexts per the...
CVE-1999-1345
CVE-1999-1345 affects the Auto_FTP 0.2 setup where the Auto_FTP.pl script uses the /tmp/ftp_tmp directory as a shared area with insecure permissions. This misconfiguration allows local users to: (1) place arbitrary files into the shared directory to be sent to the remote server, and (2) view file...
CVE-1999-1155
LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...
CVE-1999-1179
CVE-1999-1179 describes a vulnerability in the included man.sh CGI script from SysAdmin Magazine (May 1998) that allows remote attackers to execute arbitrary commands. The NVD notes a CVSSv2 base score of 7.5 (HIGH) with AV:N/AC:L/Au:N/C:P/I:P/A:P. The entry lists no exploitation status and provi...
CVE-1999-1560
CVE-1999-1560 describes a local privilege escalation in TAMU Tiger where a vulnerability in a script allows local users to execute arbitrary commands as the Tiger user (usually root). The affected component is a script within TAMU Tiger; the underlying cause is not explicitly detailed in the prov...
NetCode NC Book book.cgi current Parameter Arbitrary Command Execution
The CGI 'book.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10721; scriptversion"1.27";...
CVE-2001-0100
The CVE-2001-0100 entry concerns the bslist.cgi mailing list script. The vulnerability arises when an attacker supplies shell metacharacters in the email address, allowing remote execution of arbitrary commands. The description indicates a remote, unauthenticated impact affecting the bslist.cgi c...
Microsoft Internet Explorer 5.5 - File Disclosure
source: https://www.securityfocus.com/bid/2833/info Internet Explorer contains a flaw which could enable a remote web site operator to retrieve a known file from a visiting user's system. If a specially formed script containing GetObject function with the known path to an existing file is embedde...
Thinking Arts ES.One store.cgi StartID Parameter Traversal Arbitrary File Access
The 'store.cgi' cgi is installed. This CGI has a well known security flaw that lets an attacker read arbitrary files with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10639;...
CGI - mailnews.cgi vulnerability...
Hello BuGReaders... Script: mailnews.cgi Introduction: cat from source CGI-Script MAILNEWS 1.3 This script helps you to maintain a mailinglist. /cat Tested Version: 1.1, 1.3 Author dont parse some characters and he use very stupid "password protection". We can add or delete users from maillist...