
5314 matches found

securityvulns
added 2007/08/03 12:0 a.m. | 48 views

OpenWebMail Multiple XSS vuln.

OpenWebMail Multiple XSS vuln. Vuln. discovered by: r0t Date: 2 August 2007 vendor: openwebmail.org original advisory: http://pridels-team.blogspot.com/2007/08/openwebmail-multiple-xss-vuln.html affected versions: 2.52 20060831 and previous OpenWebMail contains multiple flaws that allow a remote...

6.8 AI score
Exploits: 0
securityvulns
added 2007/08/01 12:0 a.m. | 43 views

WebDirector XSS vuln.

WebDirector XSS vuln. Vuln. discovered by: r0t Date: 1 August 2007 vendor: www.webdirector.ru original advisory: http://pridels-team.blogspot.com/2007/08/webdirector-xss-vuln.html affected versions: 2.2 and previous WebDirector contains a flaw that allows a remote Cross-Site Scripting attacks. Input...

Exploits: 0
Packet Storm
added 2007/07/31 12:0 a.m. | 29 views

corehttp-overflow.txt

/ corehttpv0.5.3alpha: httpd remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xcorehttp.c -o xcorehttp syntax: ./xcorehttp -r -h host -p port corehttp homepage/url: http://corehttp.sourceforge.net/ bughttp.c:...

7.4 AI score
Exploits: 0
NVD
added 2007/07/26 7:30 p.m. | 10 views

CVE-2007-4025

Unspecified vulnerability in Sun Java System SJS Application Server 8.1 through 9.0 before 20070724 on Windows allows remote attackers to obtain JSP source code via unspecified vectors...

4.3 CVSS | 6.8 AI score | 0.00815 EPSS
Exploits: 0 | References: 8
Prion
added 2007/07/26 7:30 p.m. | 16 views

Code injection

Unspecified vulnerability in Sun Java System SJS Application Server 8.1 through 9.0 before 20070724 on Windows allows remote attackers to obtain JSP source code via unspecified vectors...

4.3 CVSS | 7.3 AI score | 0.00815 EPSS
Exploits: 0 | References: 8 | Affected Software: 1
Cvelist
added 2007/07/26 7:0 p.m. | 14 views

CVE-2007-4025

Unspecified vulnerability in Sun Java System SJS Application Server 8.1 through 9.0 before 20070724 on Windows allows remote attackers to obtain JSP source code via unspecified vectors...

6.8 AI score | 0.00815 EPSS
Exploits: 0 | References: 8
securityvulns
added 2007/06/28 12:0 a.m. | 66 views

DirectAdmin XSS vuln.

DirectAdmin XSS vuln. Vuln. discovered by: r0t Date: 28 June 2007 vendor: http://www.directadmin.com original advisory: http://pridels-team.blogspot.com/2007/06/directadmin-xss-vuln.html affected versions: v1.30.1 and previous DirectAdmin contains a flaw that allows a remote Cross-Site Scripting...

0.2 AI score
Exploits: 0
securityvulns
added 2007/06/27 12:0 a.m. | 35 views

QuickTicket multiple sql inj.

QuickTicket multiple sql inj. Vuln. discovered by: r0t Date: 27 June 2007 vendor: http://www.qt-cute.org/ original advisory: http://pridels-team.blogspot.com/2007/06/quickticket-multiple-sql-inj.html affected versions: tested on QuickTicket 1.2 build:20070621 other versions also can be affected...

1.2 AI score
Exploits: 0
NVD
added 2007/06/26 6:30 p.m. | 20 views

CVE-2007-3407

Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (script source code) via a URL with a trailing encoded space (%20)...

5 CVSS | 6 AI score | 0.11541 EPSS
Exploits: 2 | References: 6
Prion
added 2007/06/26 6:30 p.m. | 19 views

Code injection

Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (script source code) via a URL with a trailing encoded space (%20)...

5 CVSS | 6.3 AI score | 0.11541 EPSS
Exploits: 2 | References: 6 | Affected Software: 1
Packet Storm
added 2007/06/26 12:0 a.m. | 25 views

myserver-disclose.txt

The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. Found By:Shay Priel aka Prili site: http://www.myserverproject.net/ poc: ---- http://localhost/cgi-bin/post.mscgI I -...

7.4 AI score
Exploits: 0
securityvulns
added 2007/06/26 12:0 a.m. | 112 views

SHTTPD V1.38 server source code disclosure

SHTTPD V1.38 server source code disclosure ------------------------------------ link:http://shttpd.sourceforge.net/ info: The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files...

7.1 AI score
Exploits: 0
securityvulns
added 2007/06/26 12:0 a.m. | 22 views

SHTTPD HTTP server information leak

It's possible to access scripts source code with request of kind http://127.0.0.1/test.php20...

0.7 AI score
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2007/06/22 6:30 p.m. | 11 views

Design/Logic Flaw

MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI...

7.8 CVSS | 6.7 AI score | 0.14166 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Cvelist
added 2007/06/22 6:0 p.m. | 15 views

CVE-2007-3365

MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI...

7.3 AI score | 0.14166 EPSS
Exploits: 0 | References: 6
securityvulns
added 2007/06/22 12:0 a.m. | 47 views

access2asp XSS vuln.

access2asp XSS vuln. Vuln. discovered by: r0t Date: 22 June 2007 vendor: http://www.access2asp.com/ original advisory: http://pridels-team.blogspot.com/2007/06/access2asp-xss-vuln.html affected versions: access2asp v4.5 and prior access2asp contains a flaw that allows a remote Cross-Site Scripting...

0.4 AI score
Exploits: 0
securityvulns
added 2007/06/22 12:0 a.m. | 42 views

ClickGallery Server vuln.

ClickGallery Server vuln. Vuln. discovered by: r0t Date: 2 May 2007 vendor: http://www.clicktech.com/ original advisory: http://pridels-team.blogspot.com/2007/06/clickgallery-server-vuln.html affected versions: 5.1 and previous 1. ClickGallery Server contains a flaw that allows a remote sql...

0.9 AI score
Exploits: 0
NVD
added 2007/06/21 6:30 p.m. | 9 views

CVE-2007-3327

httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script source code) via a URI with a trailing %20 (encoded space)...

5 CVSS | 6.1 AI score | 0.06187 EPSS
Exploits: 1 | References: 5
Prion
added 2007/06/21 6:30 p.m. | 12 views

Code injection

httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script source code) via a URI with a trailing %20 (encoded space)...

5 CVSS | 6.6 AI score | 0.06187 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
securityvulns
added 2007/06/21 12:0 a.m. | 48 views

PHPAccounts vuln.

PHPAccounts vuln. Vuln. discovered by: r0t Date: 21 June 2007 vendor: http://phpaccounts.com/ original advisory: http://pridels-team.blogspot.com/2007/06/phpaccounts-vuln.html affected versions: PHPAccounts 0.5 other versions also can be affected. 1. Local file inclusion PHPAccounts contains a fla...

1.4 AI score
Exploits: 0