85 matches found
Opera 6.0.1/6.0.2 - Arbitrary File Disclosure
source: https://www.securityfocus.com/bid/4834/info A vulnerability has been reported in Opera 6.01/6.02. The vulnerability is related to handling of the 'file' HTML input-type. It is possible for a server to set the file value, while fooling Opera into thinking no file has been specified. This i...
CVE-2001-0997
Textor Webmasters Ltd listrec.pl CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the TEMPLATE parameter...
CVE-2001-0997
The CVE-2001-0997 entry concerns Textor Webmasters Ltd’s listrec.pl CGI. The vulnerability arises from shell metacharacter processing in the TEMPLATE parameter, enabling remote arbitrary command execution on the affected host with web server privileges. Public sources in the connected docs (NVD/N...
Microsoft Internet Explorer 5.56.0 - Spoofable File Extensions
Microsoft Internet Explorer 5.56.0 - Spoofable File Extensions source: https://www.securityfocus.com/bid/3597/info It is possible for a malicious webmaster, hosting files on an website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a...
Textor Webmasters Ltd listrec.pl TEMPLATE Parameter Arbitrary Command Execution
The 'listrec.pl' cgi is installed. This CGI has a security flaw that lets an attacker execute arbitrary commands on the remote server, usually with the privileges of the web server. %NASLMINLEVEL 70300 This script written by Matt Moore See the Nessus Scripts License for details Changes by Tenable...