1327 matches found
JBrowser 1.0/2.x - Unauthorized Admin Access
source: https://www.securityfocus.com/bid/9537/info Due to a lack of access validation to the 'admin' directory, malevolent users may be able to execute arbitrary admin scripts. This may allow a malicious user to upload arbitrary files to the affected system and gain access to files outside of th...
herberlin bremsserver 1.2.4/3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/9493/info Herberlin BremsServer is prone to a directory-traversal vulnerability. An attacker may exploit this issue to gain access to files residing outside the web server root directory of the affected system. This issue exists due to a failure to valida...
MetaDot Portal Server 5.6.x - 'userchannel.pl?op' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9439/info A number of vulnerabilities have been found in all version of MetaDot Corporation's MetaDot Portal Server. Due to a failure of the software to properly validate user input, an attacker may be able to corrupt data, force the server to disclose...
MetaDot Portal Server 5.6.x - 'index.pl' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/9439/info A number of vulnerabilities have been found in all version of MetaDot Corporation's MetaDot Portal Server. Due to a failure of the software to properly validate user input, an attacker may be able to corrupt data, force the server to disclose...
GuppY 2.4 - HTML Injection
GuppY 2.4 - HTML Injection source: https://www.securityfocus.com/bid/8717/info It has been reported that one of the scripts included with GuppY is vulnerable to an HTML injection attack. The script, "postguest.php", does not perform input validation to prevent the inclusion of HTML/script content...
PGPMail.pl does not adequately validate user input thereby allowing arbitrary command execution
Overview PGPMail.pl does not adequately filter user input, allowing arbitrary command execution. Description PGPMail.pl is an adaptation of the FormMail.pl CGI script, enhanced to use PGP encryption. PGPMail.pl does not adequately filter the "recipient" and "pgpuserid" CGI variables before passin...
Dispair 0.1/0.2 - Remote Command Execution
source: https://www.securityfocus.com/bid/5392/info Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open function. Remote attackers may potentially exploit this issue to execute arbitrary commands on the underlying shell with the privileges...
Cobalt Qube 3.0 - Authentication Bypass
source: https://www.securityfocus.com/bid/5297/info A vulnerability has been reported for Cobalt Qube that may allow an attacker to bypass the authentication mechanism and obtain administrative privileges. The vulnerability occurs because of a weak authentication mechanism with Cobalt Qube...
E-Guest 1.1 - Server Side Include Arbitrary Command Execution
E-Guest 1.1 - Server Side Include Arbitrary Command Execution source: https://www.securityfocus.com/bid/5129/info E-Guest guest book is a freely available, open source guest book. It is designed for Unix and Linux operating systems. E-Guest does not adequately sanitize user-supplied input in gues...
File send interception in AIM
Durig file trasmitio icomig connection is accepted without additioal user or IP validation...
QPopper 4.0.x - PopAuth Trace File Shell Command Execution
QPopper 4.0.x - PopAuth Trace File Shell Command Execution source: https://www.securityfocus.com/bid/3710/info Qpopper is a freely available, open source Post Office Protocol server. It is maintained and distributed by Qualcomm. When popauth is executed with the trace option, it does not correctl...
Interactive Story File Disclosure Vulnerability
Interactive Story File Disclosure Vulnerability qDefense Advisory Number QDAV-2001-7-3 Product: Interactive Story Vendor: Valerie Mates http://www.valeriemates.com Severity: Remote; Attacker may read arbitrary file Versions Affected: Version 1.3 Vendor Status: Vendor contacted; has released new...
AdCycle SQL Command Insertion Vulnerability - qDefense Advisory Number QDAV-2001-7-2
AdCycle SQL Command Insertion Vulnerability qDefense Advisory Number QDAV-2001-7-2 Product: AdCycle Vendor: AdCyle http://adcycle.com Severity: Remote; Attacker may gain AdCycle administrator status Versions Affected: Versions up to and including 1.15 Vendor Status: Vendor contacted; has released...
QDAV-2001-7-1
--=====================133743754==.ALT Content-Type: text/plain; charset="us-ascii"; format=flowed Multiple CGI Flat File Database Manipulation Vulnerability qDefense Advisory Number QDAV-2001-7-1 Product: Numerous CGI's Vendor: Numerous Vendors Severity: Remote; Severity varies, but can often be...
DCForum Password File Manipukation Vulnerability (qDefense Advisory Number QDAV-5-2000-2)
DCForum Password File Manipulation Vulnerability qDefense Advisory Number QDAV-5-2000-2 Product: DCForum Vendor: D.C. Script Version Tested: DCForum 2000 1.0 Version 6.0 is believed to be vulnerable as well Severity: Remote; Any attacker may gain DCForum admin privileges, which result in...
IRIX 5.3/6.x - 'netprint' Arbitrary Shared Library Usage
// source: https://www.securityfocus.com/bid/2656/info The 'netprint' utility shipped with SGI Irix systems is used to send print jobs to print spoolers on remote hosts. It is installed setuid root by default. At the command line, 'netprint' accepts an option to specify the network type -n. This...
qDefense Advisory: DCForum allows remote read/write/execute
qDefense Advisory Number QDAV-5-2000-1 Product: DCForum Vendor: DCScripts www.dcscripts.com Version Tested: DCForum 2000 1.0 Severity: Any remote attacker may gain read/write/execute privilleges Cause: Failure to validate input; Trust of hidden fields; Allows uploading of arbitrary files by defau...
Cgisecurity.com advisory #4 The Free On-line Dictionary of Computing
The vendor has been contacted on this issue and it is being fixed. please visit his page for further updates. Just so all the script kids know it does allow partial command execution. The only limit to this is commands with arguements. EX: limited to single commands like ls,ps Debian also has thi...
phf CGI Script fails to guard against newline characters
Overview This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. Description The phf CGI script constructs a partial command line consisting of the ph command and appropriate arguments, and completes the command line based on the input fro...
Lotus ESMTP Service (Lotus Domino Release 5.0.1 (Intl))
Not much to say. While performing basic input validation checks in Lotus Domino ESMTP service see subject running on the top of Windows NT system this applies probably to other platforms as well, within approximately 30 seconds we found remote buffer overflow leading to system crash and, if...