CVE-2007-2553

Unspecified vulnerability in dop in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 allows local users to gain privileges via a large amount of data in the environment, as demonstrated by a long environment variable...

Php-Stats <= 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- Php-Stats = 0.1.9.1b admin 2 exec exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org dork example: inurl:php-stats.js.php...

Remote IIS 5.x and IIS 6.0 Server Name Spoof

Remote IIS 5.x and IIS 6.0 Server Name Spoof It is possible to remotely spoof the "SERVERNAME" Microsoft® Internet Information Server® 5.0, 5.1 and 6.0 server variable by doing a modified HTTP request. Thus potentially revealing sensitive ASP code through the IIS 500-100.asp error page, the spoof...

NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2004-02 Topic: HP-UX stmkfont Local Privilege Escalation Vulnerability Release Date: 2004-10-20 CVE CAN ID: CAN-2004-0965 http://www.nsfocus.com/english/homepage/research/0402.htm Affected system: =================== - - HP-...

@lex Guestbook (PHP) Include file

Informations : °°°°°°°°°°°°°° Website : http://www.alexphpteam.com Version : all Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° ./include/livreinclude.php ------------------------------------------------------------------ if !$noconnect.... some include functions...

VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion

VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/9638/info It has been reported that ezContents may be prone to a file include vulnerability in multiple modules. The problem reportedly exists because remote users may influence the...

kpopup -- local root exploit and local denial of service

Mitre CVE reports: Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable whe...

CVE-2003-0742

SCO Internet Manager mana allows local users to execute arbitrary programs by setting the REMOTEADDR environment variable to cause menu.mana to run as if it were called from ncsahttpd, then modifying the PATH environment variable to point to a malicious "hostname" program...

PT-2003-1835 · Sco · Sco Internet Manager

Name of the Vulnerable Software and Affected Versions: SCO Internet Manager mana affected versions not specified Description: The issue allows local users to execute arbitrary programs. This is achieved by setting the REMOTE ADDR environment variable to make menu.mana run as if it were called fro...

OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : SCO Internet Manager - local users can gain root level privileges.

To: [email protected] [email protected] [email protected] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : SCO Internet Manager - local users can gain root level privileges. Advisory...

CVE-2001-1471

prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables 1 $lstatsblock in prefs.php or 2 $lprivnotify in auth.php from being properly initialized, which can be modified by the user and later...

CVE-2001-0087

itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program...

CVE-2000-1132

DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable...

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution source: https://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefor...

textcounter.pl 1.2 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2265/info textcounter.pl is distributed through Matt's Scripts archive, and provides added features to httpd servers such as counters, guestbooks, and http cookie management. Due to insufficient checking of entered characters, it is possible for a remote...

CVE-1999-0046

Buffer overflow of rlogin program using TERM environmental variable...