PhpBB viewtopic.php URL Decoding Code Execution - Ver2 (CVE-2004-1315)

A code execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

MGASA-2013-0188 Updated curl packages fix CVE-2013-2174

libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal number. The decoded strin...

To bypass the wisdom to create online waf to continue injection-vulnerability warning-the black bar safety net

Wisdom web site professional-grade firewall in some web environments, can be bypassed Detail Description: with various tools, resulting in the web exploit very easy, and web programmer many not all web vulnerabilities are very understanding, and training cost also is very high, therefore, some...

CVE-2010-2375: WebLogic Plugin HTTP Injection via Encoded URLs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: WebLogic Plugin HTTP Injection via Encoded URLs Release Date: 2010-07-13 Application: WebLogic Plugin...

[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...

CVE-2009-1122

The WebDAV extension in Microsoft Internet Information Services IIS 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability...

Microsoft IIS Security Bypass Vulnerability (970483)

This host is missing a critical security update according to Microsoft Bulletin MS09-020. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft IIS WebDAV Extension URL Decoding Security Bypass (CVE-2009-1535)

Web Distributed Authoring and Versioning WebDAV is a set of extensions for HTTP that allow clients to publish, lock, and manage resources on the Web. An elevation of privilege vulnerability has been reported in the Microsoft Windows WebDAV extension for IIS. The vulnerability is due to an error i...

FreeBSD : squid ACL bypass due to URL decoding bug (705e003a-7f36-11d8-9645-0020ed76ef5a)

From the Squid advisory : Squid versions 2.5.STABLE4 and earlier contain a bug in the '%xx' URL decoding function. It may insert a NUL character into decoded URLs, which may allow users to bypass urlregex ACLs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

Code injection

lighttpd before 1.4.20 compares URIs to patterns in the 1 url.redirect and 2 url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...

CVE-2008-4359

CVE-2008-4359 affects lighttpd before 1.4.20. The vulnerability arises because URIs are compared against url.redirect/url.rewrite patterns prior to URL decoding, potentially bypassing access restrictions and allowing leakage of information or data modification. IBM’s IMM advisory confirms this CV...

lighttpd < 1.4.20 Multiple Vulnerabilities

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.20. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the connectionstatemachine function that is triggered when disconnecting before a download has...

FreeBSD Ports: phpbb

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: squid

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

mod_jk sends decoded URL to tomcat

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

Microsoft IE FTP跨站命令注入漏洞

BUGTRAQ ID: 28208 Internet Explorer是微软发布的非常流行的WEB浏览器。 如果用户访问了包含有恶意FTP URL的网页的话，Internet Explorer 5和6解码可能无法正确地过滤URL，强制Internet Explorer通过在HTML元素所提供的URL中每条命令后注入URL编码的CRLF对连接起FTP命令。 iframe src="ftp://user@site:port/%0D%0ADELE%20foo.txt%0D%0A//"/ 此外，如果恶意URL的末尾添加了两个斜线的话，Internet...

Debian Security Advisory DSA 1312-1 (libapache-mod-jk)

The remote host is missing an update to libapache-mod-jk announced via advisory DSA 1312-1. OpenVAS Vulnerability Test $Id: deb13121.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1312-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Apache mod_jk: Directory traversal

Background Apache modjk is a connector for the Tomcat web server. Description Apache modjk decodes the URL within Apache before passing them to Tomcat, which decodes them a second time. Impact A remote attacker could browse a specially crafted URL on an Apache server running modjk, possibly gaini...

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...