
56 matches found

NVD
added 2002/12/31 5:0 a.m. | 10 views

CVE-2002-2145

Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space %20 and a '.' %2e at the end of the filename...

7.5 CVSS | 7.1 AI score | 0.07862 EPSS
Exploits: 1 | References: 3

CERT
added 2002/09/27 12:0 a.m. | 21 views

SIX-webboard does not adequately validate user input thereby permitting directory traversal

Overview SIX-webboard does not adequately validate user input, allowing directory traversal. Description SIX-webboard 2.01 does not adequately validate the "content" CGI variable, allowing directory traversal out of SIX-webboard's content root directory. Attackers may exploit this vulnerability t...

5 CVSS | 6.1 AI score | 0.07315 EPSS
Exploits: 1 | References: 1

securityvulns
added 2002/08/16 12:0 a.m. | 31 views

PHP-Nuke v5.6 - Users can compromise admin accts.

Tested on PHP-Nuke v5.6 with Mozilla on Linux should work on past versions and on most browsers Impact: --------------------------------------------- Allows any user to get admin access to a PHP-Nuke site. Summary: ---------------------------------------------- Due to a XSS flaw in PHPNuke's...

6.1 AI score
Exploits: 0

securityvulns
added 2001/09/17 12:0 a.m. | 41 views

advisory

------------ advisory ------------ name: eshop Online-Shop System author: WEBDISCOUNT, Inh. Michael Boehme Problem: Script doesnt check for symbol ";". any user can execute any nix commands on webserver. exploit: host/cgi-bin/eshop.pl?seite=;ls| ex...

7.6 AI score
Exploits: 0

Exploit DB
added 2001/08/15 12:0 a.m. | 28 views

Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Escalation

// source: https://www.securityfocus.com/bid/3190/info A vulnerability exists in Microsoft IIS 4.0 and 5.0 that could allow a user with permission to write content to the IIS server to run any code in Local System context. / jim.c - IIS Server Side Include exploit by Indigo 2001 Usage: jim This...

7.4 AI score
Exploits: 0

exploitpack
added 2001/06/03 12:0 a.m. | 12 views

WebTrends Enterprise Reporting Server 3.1 c3.5 - Source Code Disclosure

WebTrends Enterprise Reporting Server 3.1 c3.5 - Source Code Disclosure source: https://www.securityfocus.com/bid/2812/info WebTrends Live is a web-based reporting service which provides interactive tracking of usage statistics and E-commerce revenue. It is possible to view the source code of...

7.6 AI score
Exploits: 0

NVD
added 2001/01/09 5:0 a.m. | 15 views

CVE-2000-1110

document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program...

5 CVSS | 6.3 AI score | 0.02685 EPSS
Exploits: 1 | References: 2

exploitpack
added 2000/10/07 12:0 a.m. | 11 views

phpix 1.0 - Directory Traversal

phpix 1.0 - Directory Traversal source: https://www.securityfocus.com/bid/1773/info PHPix is a web-based photo-album system written in PHP. It is vulnerable to an attack that allows a malicious remote user to view arbitrary files on the target webserver with the privileges of the webserver. The...

0.1 AI score
Exploits: 0

Packet Storm
added 2000/08/13 12:0 a.m. | 45 views

ssexploit502x.pl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Statistics Server 5.02x overflow Advisory Name: Statistics Server Live Stats Advisory Released: 00/08/10 Application: Web site traffic analyzer Severity: local/remote user can run arbitrary code with WebServer privileges Status: vendor contacted...

7.4 AI score
Exploits: 0

exploitpack
added 2000/03/05 12:0 a.m. | 13 views

Caldera OpenLinux 2.3 - rpm_query CGI

Caldera OpenLinux 2.3 - rpmquery CGI source: https://www.securityfocus.com/bid/1036/info A vulnerability exists in the default installation of Caldera OpenLinux 2.3. A CGI is installed in /home/httpd/cgi-bin/ names rpmquery. Any user can run this CGI and obtain a listing of the packages, and...

7.4 AI score
Exploits: 0

exploitpack
added 1999/11/15 12:0 a.m. | 17 views

Antelope Software W4-Server 2.6 aWin32 - Cgitest.exe Remote Buffer Overflow

Antelope Software W4-Server 2.6 aWin32 - Cgitest.exe Remote Buffer Overflow // source: https://www.securityfocus.com/bid/802/info Certain versions of the W4-Server 32-bits personal webserver by Antelope Software ship with a flawed script, Cgitest.exe. This compiled CGI script fails to perform...

0.6 AI score
Exploits: 0

Exploit DB
added 1999/11/04 12:0 a.m. | 25 views

etype eserv 2.50 - Directory Traversal

source: https://www.securityfocus.com/bid/773/info Etype's Eserv product is designed to be a one-source internet connectivity solution, incorporating mail, web, ftp, and proxy servers into one package. The web server will allow remote browsing of the entire filesystem by the usage of ../ strings ...

7.4 AI score
Exploits: 0

Packet Storm
added 1999/08/17 12:0 a.m. | 24 views

netscape.find.txt

Date: Mon, 8 Mar 1999 19:48:05 +0200 From: Georgi Guninski To: [email protected] Subject: Netscape Communicator find vulnerabilities There is a design flaw in Netscape Communicator 4.5 Win95, 4.08 WinNT I guess all 4.x version are vulnerable which allows the following security exploits: Readin...

7.4 AI score
Exploits: 0

exploitpack
added 1999/05/25 12:0 a.m. | 26 views

Computalynx CMail 2.3 - Web File Access

Computalynx CMail 2.3 - Web File Access / source: https://www.securityfocus.com/bid/281/info A vulnerability in Computalynx's CMail allows remote malicious users to steal local files. Compulynx's CMail is a Win32 mail server program. One of its features is allowing users to access their email wit...

0.6 AI score
Exploits: 0

exploitpack
added 1997/02/20 12:0 a.m. | 31 views

Microsoft IIS 2.03.0 - Appended Dot Script Source Disclosure

Microsoft IIS 2.03.0 - Appended Dot Script Source Disclosure source: https://www.securityfocus.com/bid/2074/info Microsoft Internet Information Server IIS is a popular web server, providing support for a variety of scripting languages, including ASP active server pages. IIS 2.0 and 3.0 suffer fro...

7.4 AI score
Exploits: 0

NVD
added 1997/01/01 5:0 a.m. | 8 views

CVE-1999-0173

FormMail CGI program can be used by web servers other than the host server that the program resides on...

5 CVSS | 0.0483 EPSS
Exploits: 0 | References: 1