283 matches found
Default configuration
The web server for D-Link Wireless Access-Point DWL-2100ap firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords...
CVE-2002-2007
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages JSP in the 1 test/jsp, 2 samples/jsp and 3 examples/jsp directories, or the 4...
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to...
Mcafee FreeScan CoMcFreeScan Browser - Information Disclosure
source: https://www.securityfocus.com/bid/10077/info Reportedly the Mcafee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information access credentials. Successful...
MTools 3.9.x - 'MFormat' Local Privilege Escalation
source: https://www.securityfocus.com/bid/9746/info It has been reported that mformat is prone to a privilege escalation vulnerability when installed as a setUID application. This issue is due to a design error allowing a user to create any arbitrary files as the root user. A local attacker could...
Fools Workshop Owls Workshop 1.0 - resultsignore.php Arbitrary File Access
Fools Workshop Owls Workshop 1.0 - resultsignore.php Arbitrary File Access source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI...
Fool's Workshop Owl's Workshop 1.0 - '/glossaries/index.php?File' Arbitrary File Access
source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...
Fool's Workshop Owl's Workshop 1.0 - 'resultsignore.php' Arbitrary File Access
source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...
Fool's Workshop Owl's Workshop 1.0 - 'newmultiplechoice.php' Arbitrary File Access
source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...
Fool's Workshop Owl's Workshop 1.0 - 'multiplechoice/index.php' Arbitrary File Access
source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful...
ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access
ShopCartCGI 2.3 - gotopage.cgi Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful...
ShopCartCGI 2.3 - 'gotopage.cgi' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful exploitation of this issue an attacker may be able to gain access to...
ShopCartCGI 2.3 - genindexpage.cgi Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful exploitation of this issue an attacker may be able to gain access to...
Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities
Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/9563/info X-Cart has been reported to be prone to an issue that may allow remote attackers to view any web server readable files on the affected system. The issue is caused by a...
Happymall E-Commerce Software 4.34.4 - Normal_HTML.cgi File Disclosure
Happymall E-Commerce Software 4.34.4 - NormalHTML.cgi File Disclosure source: https://www.securityfocus.com/bid/7559/info IT has been reported that Happymall E-Commerce is prone to a file disclosure vulnerability. The problem occurs due to insufficient sanitization of user-supplied URI parameters...
Happymall E-Commerce Software 4.3/4.4 - 'Normal_HTML.cgi' File Disclosure
source: https://www.securityfocus.com/bid/7559/info IT has been reported that Happymall E-Commerce is prone to a file disclosure vulnerability. The problem occurs due to insufficient sanitization of user-supplied URI parameters. As a result, it may be possible for an attacker to view the contents...
MySQL 3.20.32 a/3.23.34 - Root Operation Symbolic Link File Overwriting
source: https://www.securityfocus.com/bid/2522/info MySQL is a relational database management system RDBMS, freely available and open source. It is maintained by MySQL AB. A problem with the implementation of some MySQL databases may permit local users to overwrite sensitive system files. This...
CVE-2000-0283
The vulnerability CVE-2000-0283 affects IRIX Performance Copilot (pmcd daemon). In default installations, remote attackers could access sensitive system information via pmcd, leading to partial confidentiality impact. The issue is tied to the service exposing data; the documented remediation is t...
CVE-2000-0905
QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page...