Lucene search
K

1051 matches found

seebug.org
seebug.org
added 2007/12/09 12:0 a.m.13 views

Simple HTTPD <= 1.38 Multiple Remote Vulnerabilities

No description provided by source. Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/08 12:0 a.m.31 views

simple-traverse.txt

Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: = 1.38 Platforms: Windows, nix, QNX, RTEMS only Windows seems vulnerable Bugs: A directory traversal B scripts and CGI viewing/downloading %20 char found by Shay priel in Jun 2007 Exploitation: remote Date: 07 Dec 20...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/12/07 12:0 a.m.17 views

Simple HTTPD <= 1.38 Multiple Remote Vulnerabilities

Exploit for unknown platform in category remote exploits ==================================================== Simple HTTPD = 1.38 Multiple Remote Vulnerabilities ==================================================== Luigi Auriemma Application: Simple HTTPD http://shttpd.sourceforge.net Versions: =...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/09/18 12:0 a.m.47 views

R-Viewer < 1.6.3768 Multiple Vulnerabilities

R-Viewer, a secure document viewer from remotedocs.com, is installed on the remote host. According to the registry, the installation of R-Viewer on the remote Windows host allows arbitrary code to be executed without a user's knowledge and stores unencrypted copies of previously-opened documents ...

9.3CVSS6.2AI score0.04574EPSS
Exploits0References4
CVE
CVE
added 2007/09/14 12:0 a.m.54 views

CVE-2007-4888

The CVE-2007-4888 entry concerns XWiki 1.0 B1 and 1.0 B2. The issue is an error handler flaw where the doc variable is associated with the entire document content and metadata regardless of a user’s view rights. This allows remote authenticated users to read arbitrary documents by using a custom ...

3.5CVSS6.2AI score0.00773EPSS
Exploits0References2Affected Software1
Exploit DB
Exploit DB
added 2007/07/23 12:0 a.m.28 views

PHMe 0.0.2 - &#039;Function_List.php&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/25011/info PHMe is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. PHMe 0.0.2 is vulnerable; other version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/18 12:0 a.m.29 views

WebIf - &#039;OutConfig&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/24516/info WebIf is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...

7AI score
Exploits0
NVD
NVD
added 2007/02/23 3:28 a.m.16 views

CVE-2006-7037

Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to 1 bypass password protection by replacing the password field with a hash of a known...

4.4CVSS6.3AI score0.00317EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/02/23 1:0 a.m.23 views

CVE-2006-7037

Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to 1 bypass password protection by replacing the password field with a hash of a known...

6.3AI score0.00317EPSS
Exploits0References6
Exploit DB
Exploit DB
added 2007/02/23 12:0 a.m.23 views

XT:Commerce 3.04 - &#039;index.php&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/22698/info xt:Commerce is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. xt:Commerce 3.04 and prior...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/11/08 12:0 a.m.11 views

PHPMyChat 0.140.15 - Languages.Lib.php Local File Inclusion

PHPMyChat 0.140.15 - Languages.Lib.php Local File Inclusion source: https://www.securityfocus.com/bid/20962/info phpMyChat is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/08/17 12:0 a.m.22 views

OZJournal15.txt

OZJournal v1.5 Homepage: http://ozjournals.awardspace.com/index.php Affected files: search input box index.php viewing archives show comment page ---------------------------------------- XSS vulnerability via search input box: Data isn't properly sanatized before being displayed. For a PoC in the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/08/03 12:0 a.m.36 views

OZJournal v1.5 - XSS

OZJournal v1.5 Homepage: http://ozjournals.awardspace.com/index.php Affected files: search input box index.php viewing archives show comment page ---------------------------------------- XSS vulnerability via search input box: Data isn't properly sanatized before being displayed. For a PoC in the...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2006/06/26 12:0 a.m.30 views

bingbox.txt

Bingbox.com Homepage: http://www.bingbox.com Affected files: Profile input boxes: - City input Registering Viewing Birthdays Adding a friend Viewing people online ----------------------------------------------- XSS with cookie disclosure via inviting friends:...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/06/23 12:0 a.m.37 views

JVN#67974490 Webmin directory traversal vulnerability

Impact A remote attacker could view files on the computer without authentication. Private information could be leaked as a result. Solution Products Affected Webmin 1.280 and earlier Usermin 1.210 and earlier As of June 30, 2006, patched versions of the module addressing this vulnerability for al...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2006/06/21 12:0 a.m.32 views

apnaspace.txt

Apnaspace.com A myspace type site for arab & indian teens Homepage: http://www.http://www.apnaspace.com Effected files: Comment input box: Posting a blog entry: - Entry title - Entry body Viewing a profile Posting a bulletin. Commenting on a picture Sending mail to someone...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2006/06/21 12:0 a.m.35 views

Cybersocieties.txt

Cybersocieties.com Homepage: http://www.cybersocieties.com Effected files: Input boxes in profile: - Full name box - Occupation box - MSN box - Yahoo box - AIM Box Viewing a profile ------------------------------------------------------ XSS vuln via input boxes in profile: No filter evasion is...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/03 12:0 a.m.943 views

Limbo CMS sql.php classes_dir Parameter Remote File Inclusion

The remote host is running Limbo CMS, a content-management system written in PHP. The version of Limbo CMS installed on the remote host fails to sanitize user-supplied input to the 'classesdir' parameter of the 'classes/adodbt/sql.php' script before using it in PHP 'includeonce' functions. Provid...

6.4CVSS5.9AI score0.07921EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2006/04/21 12:0 a.m.36 views

zgv, xzgv: Heap overflow

Background xzgv and zgv are picture viewing utilities with a thumbnail based file selector. Description Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space...

7.5CVSS6.9AI score0.04073EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/03/27 12:0 a.m.32 views

Mambo Open Source Multiple Vulnerabilities

The remote installation of Mambo Open Source fails to sanitize input to the 'mosusertemplate' cookie before using it to include PHP code from a local file. An unauthenticated attacker may be able to exploit this issue to view arbitrary files or to execute arbitrary PHP code on the affected host. ...

7.6CVSS6.2AI score0.05527EPSS
Exploits3References4
Rows per page
Query Builder