Acme thttpd < 2.24 CGI Test Script Symlink Arbitrary File Overwrite

Binary data 3282.prm...

CVE-2005-1080

Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file...

Horde and IMP Test Script Disclosure

Binary data 1532.prm...

Xitami testssi.ssi HTTP Header XSS

The remote Xitami server is distributed with a script for testing server-side includes, '/testssi.ssi'. This script is vulnerable to a cross-site scripting issue when sent a request with a malformed Host or User-Agent header. An attacker may exploit this flaw the steal the authentication...

Working Resources BadBlue Server 2.40 - &#039;PHPtest.php&#039; Full Path Disclosure

source: https://www.securityfocus.com/bid/9737/info It has been reported that BadBlue Server may be prone to a remote path disclosure vulnerability that may allow an attacker to disclose the installation path by issuing a request for 'phptest.php' script. BadBlue version 2.4 has been reported to ...

Acme thttpd 1.9/2.0.x - CGI Test Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/9474/info thttpd is prone to a cross-site scripting vulnerability in the CGI test script. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link were followed, the hostile...

PT-1996-1006 · Apache +1 · Apache Http Server +4

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue allows access to a list of arbitrary files on a web host via the nph-test-cgi script. Recommendations: At the moment, there is no information about a newer version that contai...