486 matches found
SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit
Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ Advisory Name: SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulnerable: SoftArtisans SAFileUp(TM) 5.0.14 Standard Severity: High Type: Script...
CVE-2006-6663
The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to "gathering net games."...
Apache Tomcat fails to properly handle certain requests
Overview: Apache Tomcat does not properly handle certain types of requests, allowing a remote attacker to cause a denial of service. Description: Apache Tomcat is an implementation of the Java Servlet and JavaServer Pages (JSP) technologies. Tomcat uses the AJP12 protocol on TCP 8007 by default for...
Kukol E.V. HTTP & FTP Server Suite 6.2 - File Disclosure
source: https://www.securityfocus.com/bid/8564/info The web server component of Kukol E.V. HTTP & FTP Server Suite is prone to a file disclosure vulnerability. Remote web users may use directory traversal sequences in requests to gain access to files outside of the server's web root directory...
SurgeLDAP 1.0 d - Full Path Disclosure
source: https://www.securityfocus.com/bid/8406/info SurgeLDAP is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing an HTTP GET request for an invalid resource. This issue exists in the web server...
SurgeLDAP 1.0 d - User.cgi Cross-Site Scripting
source: https://www.securityfocus.com/bid/8407/info SurgeLDAP is prone to cross-site scripting attacks. Remote attackers may exploit this issue by enticing a user to visit a malicious link that includes hostile HTML and script code. This code may...