9 matches found
EUVD-2002-2355
Malware in sbrugna...
EUVD-2002-2354
Malware in sbrugna...
CVE-2014-7260
The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...
CVE-2014-7260
The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...
"File Upload BBS" of i-HTTPD vulnerable to remote command execution
Overview i-HTTPD is a web server for Windows, implementing Server Side Includes SSI. i-HTTPD contains "File Upload BBS". When "File Upload BBS" is activated, a user can upload files on the server, and i-HTTPD processes SSI directives in the uploaded files CWE-97. Yamagata of webappsec.jp reported...
CVE-2002-2376
Cross-site scripting XSS vulnerability in E-Guestsign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the 1 full name, 2 email, 3 homepage, and 4 location parameters. NOTE: this issue might overlap CVE-2005-1605...
CVE-2002-2376
CVE-2002-2376 is an XSS vulnerability in E-Guest_sign.pl for E-Guest 1.1. The issue allows remote attackers to inject arbitrary SSI directives, web script, and HTML through the (1) full name, (2) email, (3) homepage, and (4) location parameters. The description notes possible overlap with CVE-200...
CVE-2002-2377
Cross-site scripting XSS vulnerability in addentry.cgi in ZAP 1.0.3 allows remote attackers to inject arbitrary SSi directives, web script, and HTML via the entry field...
CVE-2001-0506
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes SSI directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability...