Lucene search
+L

994 matches found

packetstorm
packetstorm
added 2000/08/09 12:0 a.m.32 views

robpoll-cgi-problem.txt

Software: Robpoll.cgi URL: http:// Platforms: Unix, NT Type: CGI, Change password by default robpoll.cgi Remote Possible Problem discovered by Nick: alt3kx Mail: [email protected] Webs: w w w . h e r t m x . o r g w w w . s 0 d . o r g w w w . r a z a - m e x i c a n a . o r g Summary:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/07/14 12:0 a.m.81 views

Big Brother filename extension vulnerability

versions affected: bb14h2 current and older exploit: bbd listens for incoming connections on port 1984. Using telnet or the bb client, it is possible to connect and create a filename with an arbitrary extension, as the extension is not rigorously checked. As this file is droped into a directory...

2.3AI score
Exploits0
securityvulns
securityvulns
added 2000/06/15 12:0 a.m.19 views

Дырка в Selena Sol Webbanner

Обратный путь в директориях позволяет получить любой файл с сервера...

0.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/05/04 12:0 a.m.55 views

Дыра в Quake 3 Arena

Со стороны сервера можно прочитать/записать любой файл на клиентской машине используя обратный путь в директориях...

0.8AI score
Exploits0References1Affected Software1
cve
cve
added 2000/02/04 5:0 a.m.59 views

CVE-1999-0455

CVE-1999-0455 concerns the ColdFusion "Expression Evaluator" sample app, where the exprcalc.cfm page improperly restricts server access. The vulnerability allows remote attackers to read or delete files on the server, via a misconfigured access control in the Expression Evaluator workflow. Docume...

7.5CVSS6.6AI score0.05845EPSS
Exploits0References1Affected Software1
exploitdb
exploitdb
added 1999/11/29 12:0 a.m.32 views

symantec mail-gear 1.0 - Directory Traversal

source: https://www.securityfocus.com/bid/827/info Mail-Gear, a multi-purpose filtering email server, includes a webserver for remote administration and email retrieval. This webserver is vulnerable to the '../' directory traversal attack. By including the string '../' in the URL, remote attacker...

7.4AI score
Exploits0
exploitdb
exploitdb
added 1999/11/09 12:0 a.m.30 views

CGI City CC Whois 1.0 - MetaCharacter

source: https://www.securityfocus.com/bid/2000/info Whois scripts provide InterNIC lookup services via HTTP. The vulnerable scripts include versions of Matt's Whois and CGI City Whois. Older versions of these fail to filter metacharacters, allowing execution of arbitrary commands by embedding the...

7.4AI score
Exploits0
freebsd
freebsd
added 1999/07/29 12:0 a.m.39 views

squid -- possible abuse of cachemgr.cgi

The squid patches page notes: This patch adds access controls to the cachemgr.cgi script, preventing it from being abused to reach other servers than allowed in a local configuration file...

7.5CVSS6.2AI score0.116EPSS
Exploits0References2
nessus
nessus
added 1999/07/13 12:0 a.m.352 views

Web Server /cgi-bin Shell Access

The remote web server has one of these shells installed in /cgi-bin : ash, bash, csh, ksh, sh, tcsh, zsh Leaving executable shells in the cgi-bin directory of a web server may allow an attacker to execute arbitrary commands on the target machine with the privileges of the HTTP daemon. %NASLMINLEV...

10CVSS6.1AI score0.33392EPSS
Exploits0References1
nvd
nvd
added 1999/02/25 5:0 a.m.28 views

CVE-1999-0408

Files created from interactive shell sessions in Cobalt RaQ microservers e.g. .bashhistory are world readable, and thus are accessible from the web server...

10CVSS6.6AI score0.01518EPSS
Exploits0References1
exploitpack
exploitpack
added 1998/12/15 12:0 a.m.22 views

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter source: https://www.securityfocus.com/bid/2020/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to read files ...

7.4AI score
Exploits0
nvd
nvd
added 1997/07/01 4:0 a.m.27 views

CVE-1999-0526

An X server's access control is disabled e.g. through an "xhost +" command and allows anyone to connect to the server...

10CVSS0.20978EPSS
Exploits3References1
ptsecurity
ptsecurity
added 1997/01/01 12:0 a.m.7 views

PT-1997-1076 · Nms · Formmail Cgi

Name of the Vulnerable Software and Affected Versions: FormMail CGI program affected versions not specified Description: The issue concerns the FormMail CGI program, which can be utilized by web servers other than the host server where the program resides. Recommendations: At the moment, there is...

5CVSS6.3AI score0.04923EPSS
Exploits0References3
exploitdb
exploitdb
added 1995/10/30 12:0 a.m.35 views

Microsoft Windows 95/Windows for Workgroups - 'smbclient' Directory Traversal

source: https://www.securityfocus.com/bid/1884/info Samba is a set of of programs that allow Windows® clients access to a Unix server's filespace and printers over NetBIOS. A directory traversal vulnerability exists in Microsoft's implementation of the SMB file and print sharing protocol for...

7AI score
Exploits0
Rows per page
Query Builder