66 matches found
CVE-2001-0841
CVE-2001-0841 : Affected software is Ikonboard (Search.cgi in ib219 and earlier). The vulnerability is a directory traversal flaw that allows remote attackers to overwrite files and gain privileges by sending the dot-dot sequence in the amembernamecookie cookie. The available sources identify thi...
CVE-2000-0287
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter...
Master Index search.cgi Traversal Arbitrary File/Directory Access
The version of Master Index running on the remote web server has a directory traversal vulnerability. Input to the 'catigory' parameter of search.cgi is not properly sanitized. A remote attacker could exploit this to read arbitrary files from the system. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2000-0188
EZShopper 3.0’s search.cgi is vulnerable to directory traversal and command injection. Remote attackers can read arbitrary files via a .. path and may execute shell commands through metacharacters. The Nessus entry also mentions directory traversal in loadpage.cgi and possible arbitrary command e...
Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution
Alex Heiphetz Group eZshopper 3.0 - Remote Command Execution source: https://www.securityfocus.com/bid/1014/info EZShopper is a perl-based E-Commerce software package offered by Alex Heiphetz Group, Inc. It is possible to remotely compromise a host due to a lack of checks on user input passed...
Solution Scripts Home Free 1.0 - 'search.cgi' Directory Traversal
source: https://www.securityfocus.com/bid/921/info Home Free is a suite of Perl cgi scripts that allow a website to support user contributions of various types. One of the scripts, search.cgi, accepts a parameter called letter which can be any text string. The supplied argument can contain the...