Lucene search
K

1374 matches found

NVD
NVD
added 2001/06/18 4:0 a.m.9 views

CVE-2001-0263

Gene6 G6 FTP Server 2.0 aka BPFTP Server 2.10 allows attackers to read file attributes outside of the web root via the 1 SIZE and 2 MDTM commands when the "show relative paths" option is not enabled...

7.5CVSS6.7AI score0.02424EPSS
Exploits0References3
CVE
CVE
added 2001/05/24 4:0 a.m.49 views

CVE-2001-0263

Gene6 G6 FTP Server 2.0 (BPFTP Server 2.10) is affected by an information-disclosure flaw where attackers can read file attributes outside the FTP root via SIZE and MDTM when the show relative paths option is disabled. Root cause: inadequate restriction of access to attributes outside the FTP roo...

7.5CVSS6.7AI score0.02424EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2001/05/03 12:0 a.m.34 views

Vulnerabilities in BRS WebWeaver

----- Begin Hush Signed Message from [email protected] ----- Vulnerabilities in BRS WebWeaver Overview BRS WebWeaver v0.63 is a combined ftp and web server available from http://bsoutham.home.dhs.org. Vulnerabilities exist in the web server which allow remote users to break out of the web roo...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2001/02/16 12:0 a.m.25 views

Vulnerabilities in Pi3Web Server

----- Begin Hush Signed Message from [email protected] ----- Vulnerabilities in Pi3Web Server Overview Pi3Web v1.0.1 is a web server available from http://www.zdnet.com. A vulnerability exists in the server's internal ISAPI handling procedures which results in a buffer overflow. The server al...

0.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/02/08 12:0 a.m.32 views

HSWeb HTTP Server /cgi Directory Request Path Disclosure (deprecated)

It is possible to request the physical location of the remote web root by requesting the folder '/cgi'. An attacker can exploit this flaw to gain more knowledge about this host. This plugin has been deprecated. Webmirror3 plugin ID 10662 will identify a browsable directory. %NASLMINLEVEL 999999 C...

6.6AI score0.0602EPSS
Exploits1References2
securityvulns
securityvulns
added 2001/02/06 12:0 a.m.38 views

Vulnerability in Free Java Web Server

Vulnerability in Free Java Web Server Overview Free Java Web Server v1.0 is a Java web server available from http://www.download.com. A vulnerability exists which allows a remote user to break out of the web root using relative paths ie: '..', '...'. Details http://localhost/../file outside web...

0.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2000/10/20 12:0 a.m.6 views

PT-2000-1640 · Pccs · Pccs Mysqldatabase Admin Tool Manager

Name of the Vulnerable Software and Affected Versions: PCCS MySQLDatabase Admin Tool Manager versions 1.2.4 and earlier Description: The issue allows remote attackers to obtain sensitive information, such as the administrative password, because the file dbconnect.inc is installed within the web...

7.5CVSS6.4AI score0.01612EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2000/07/18 12:0 a.m.28 views

Armada Design Master Index 1.0 - Directory Traversal

source: https://www.securityfocus.com/bid/1772/info Master Index is a commercially supported search engine. Certain versions of this software ship with a path traversal vulnerability. This is to say that a remote user may 'back out' .../ of the web root directory and view/download any file which...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/04/19 12:0 a.m.23 views

FrontPage 98/Personal WebServer 1.0 / Personal Web Server 2.0 - 'htimage.exe' File Existence Disclosure

source: https://www.securityfocus.com/bid/1141/info htimage.exe can be used to determine if a specified path and filename exists on the target host or not. The specified path must be on the same logical drive as the web content. Any file can be specified as an image map in the URL. htimage.exe wi...

7AI score
Exploits0
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.15 views

CVE-1999-0882

Falcon web server allows remote attackers to determine the absolute path of the web root via long file names...

6.7AI score0.01897EPSS
Exploits0References1
NVD
NVD
added 1999/10/28 4:0 a.m.9 views

CVE-1999-0882

Falcon web server allows remote attackers to determine the absolute path of the web root via long file names...

5CVSS6.7AI score0.01897EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1999/09/16 12:0 a.m.5 views

PT-1999-1490 · Wwwboard · Wwwboard

Name of the Vulnerable Software and Affected Versions: WWWBoard affected versions not specified Description: The issue concerns the storage of encrypted passwords in a password file located under the web root, making it accessible to remote attackers. Recommendations: At the moment, there is no...

10CVSS6.4AI score0.08604EPSS
Exploits0References4
Exploit DB
Exploit DB
added 1998/08/16 12:0 a.m.49 views

Netscape Enterprise Server 3.x/4.x - PageServices Information Disclosure

source: https://www.securityfocus.com/bid/7621/info A vulnerability has been reported for Netscape Enterprise Server. The problem is said to occur while processing HTTP queries containing the '?PageServices' URI parameter. After processing this query the affected server may disclose the contents ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1998/08/16 12:0 a.m.13 views

Netscape Enterprise Server 3.x4.x - PageServices Information Disclosure

Netscape Enterprise Server 3.x4.x - PageServices Information Disclosure source: https://www.securityfocus.com/bid/7621/info A vulnerability has been reported for Netscape Enterprise Server. The problem is said to occur while processing HTTP queries containing the '?PageServices' URI parameter...

0.2AI score
Exploits0
Rows per page
Query Builder