
230 matches found

UbuntuCve
added 2010/11/05 12:0 a.m., 16 views

CVE-2010-2477

Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2)...

CVSS 4.3, AI score 5.9, EPSS 0.0052
Exploits: 0, References: 2

OSV
added 2010/10/14 5:58 a.m., 6 views

CVE-2010-3903

Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code...

AI score 6.4
Exploits: 0, References: 1

Prion
added 2010/10/14 5:58 a.m., 9 views

Code injection

Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code...

CVSS 5, AI score 7, EPSS 0.00305
Exploits: 0, References: 1, Affected Software: 1

Tenable Nessus
added 2010/01/12 12:0 a.m., 39 views

OpenX install.php / install-plugin.php Admin Authentication Bypass

The version of OpenX hosted on the remote web server has an authentication bypass vulnerability. Sending a specially crafted request to install.php or install-plugin.php bypasses the normal authentication process. A remote attacker could exploit this to gain administrative access to the OpenX...

CVSS 7.5, AI score 5.6, EPSS 0.00538
Exploits: 0, References: 2

Tenable Nessus
added 2009/11/16 12:0 a.m., 516 views

Non-compliant Strict Transport Security (STS)

The remote web server implements Strict Transport Security. However, it does not respect all the requirements of the STS draft standard. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(42823); script_version("$Revision: 1.7 $"); script_cvs_date("$Date: 2014/09/19 20:19:00 $")...

AI score 5.5
Exploits: 0, References: 1

Nmap
added 2009/08/25 11:55 p.m., 2203 views

http-enum NSE Script

Enumerates directories used by popular web applications and servers. This parses a fingerprint file that's similar in format to the Nikto Web application scanner. This script, however, takes it one step further by building in advanced pattern matching as well as having the ability to identify...

CVSS 10, AI score 9.2, EPSS 0.94176
Exploits: 33

Check Point Advisories
added 2009/08/23 12:0 a.m., 3 views

Squid Proxy Invalid HTTP Response Status Code Denial of Service (CVE-2009-2621)

The Squid proxy server is a popular open source, Internet proxy and web caching application. A denial of service vulnerability has been reported in Squid proxy. The vulnerability is due to an error within the Squid proxy that fails to properly handle malformed HTTP responses. A remote attacker ca...

CVSS 5, AI score 6.3, EPSS 0.23562
Exploits: 0

Tenable Nessus
added 2008/04/04 12:0 a.m., 46 views

openSUSE 10 Security Update : apache2 (apache2-5126)

This update fixes multiple bugs in apache : - cross site scripting problem in mod_imap (CVE-2007-5000) - cross site scripting problem in mod_status (CVE-2007-6388) - cross site scripting problem in the ftp proxy module (CVE-2008-0005) - cross site scripting problem in the error page for status code 413...

CVSS 4.3, AI score 7.1, EPSS 0.84619
Exploits: 6, References: 6

securityvulns
added 2006/02/22 12:0 a.m., 340 views

GnuPG gpgv / gpg invalid return code

Utility returns 0 status code if no signature found...

AI score 1.6
Exploits: 0, References: 3, Affected Software: 1

securityvulns
added 2002/07/21 12:0 a.m., 30 views

BadBlue 302 Status Message XSS

BadBlue 1.74 (presumably earlier) is susceptible to a cross-site scripting attack. When BadBlue is passed a name of a non-existent file path or an existing folder that does not end in a 0x2f character ("/") it returns a 302 status code containing some text: HTTP/1.0 302 found Location: /SCRIPT/...

AI score 6.3
Exploits: 0