EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion
source: https://www.securityfocus.com/bid/9338/info EasyDynamicPages is prone to a remote file include vulnerability in a configuration script. This will permit a remote attacker to include malicious PHP scripts from remote servers, which will then be executed by the web server hosting the vulnerab...
ttCMS 2.2 / ttForum 1.1 - 'news.php?template' Remote File Inclusion
source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for a remote attacker to include a...
JavaScript execution in the server's context
JavaScript can be inserted into a URL in such a way that it is executed in the context of the server...
Microsoft Frontpage Server Remote Application Deployment (RAD) component vulnerable to buffer overflow via malformed packet sent to server component
Overview: Microsoft Frontpage Server Remote Application Deployment (RAD) component contains an unchecked buffer which can allow an intruder to execute arbitrary code with the privileges of IUSR_machinename or system. Description: A buffer overflow in the Microsoft Frontpage Server Remote Application...
Buffer Overflow in Lotus Domino Mail Server
Overview: Lotus Domino R5 SMTP Server Contains a Buffer Overflow. Description: The Lotus Domino R5 SMTP server allows an administrator to restrict the domains from which the server will accept mail. In versions of Domino R5 prior to version 5.0.6 with domain restrictions enabled, an intruder may be...
Hole in KW Whois (unparsed shell chars)
Calling an external program with a user-supplied string allows any application to be executed on the server...