Tiny HTTP Server versions 1.1 and 1.0.5 are vulnerable to directory traversal, denial of service, and cross site scripting bugs. Examples provided.
94d202695ed7e71eeb74c905557c9600d4fab98f445abaea4f073aba55c6bc8a
When running in proxy mode, properly crafted requests sent to Finjan SurfinGate versions 6 and 7 can mimic control commands. Known vulnerabilities include viewing log data and causing the service to restart, potentially resulting in a DoS situation. The architecture for this application suggests there is a potential for modifying the filtering policy as well. The vendor has ignored the problem for over a year.
572f4e17a711d98d530166340377eea87699bc44b226915bbaab6ea14b6fba74
Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path disclosure, and directory listing attacks.
6fa6232eddd35425923014566186261bae4069faaff0f01545f187bf7e4f140e
The NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.
a6237e6da8ad8b78741dec936856ce7e954fdb332dab3a0e635e29a581aafeca
Version 2.05 of the Freesco thttpd server is susceptible to a cross site scripting attack.
7586f60c26ce3791038b0f784a97cbdca327bb195524fa1e6f30051b6a45b9f4
GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
faae912330fa19a378bed24073e7eb019129f317801a1925873ee8dc480e0be3
Need for Speed Hot Pursuit 2 remote exploit that makes use of a vulnerable client that is susceptible to a buffer overflow attack by a hostile server.
41b60c7f18b4a9ed723e56c839d1b5d8fdd42fbaa041b262da167f206486b356
Security Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.
0c960411e961d7e65a618c303917edb4acbe482261e21a68ece0032a7e326fb9
2Wire-Gateway is a router that has a webserver for maintenance. The CGI interface lacks input validation when returning an error with its return variable allowing for a directory traversal attack.
7d327c33155ca85a9c8ffbe857abf59b58c2dd8d41a1f071dd99da63cc51605a
OwnServer, a web server used for watching security cameras remotely, is susceptible to a directory traversal bug that allows a remote attacker to gain access to files outside of the webroot.
b32b6045df134cd7484a3ae7c2e8bfa669777d8d1b0a5b081d9961a173b87d02
The NETCam webserver running NETCam Viewers 1.0.0.28 and below has a directory traversal bug that allows remote attackers to gain access to files outside of the webroot.
3033ef31ebe260b918d9f1e9177da16b936b0caa1f3b1065986e5ccaa17a5f85
The Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. The server has an internal problem where it will accept improper HTTP requests that allow a remote attacker to view source for CGI related files.
86b6965a79475e6b076b8955dfe03320b7908780179972962671b165a32736ba
The Goahead webserver, version 2.1.8 and below, is an embedded webserver used by many products. A flaw exists where an attacker can get the webserver to consume all of the server's resources by using the POST method with a specific number set for the Content-Length parameter.
750d26c05ba6a4c19bb67be0988c544aa47ff4b7bd00c46f35b28f0378c6877a
YaBB SE versions 1.54 and 1.53 have the functions welcome and recentTopics which are vulnerable to SQL injection because the parameter ID_MEMBER is not checked against malicious input.
95e89384d3a5e60f55043d680923bf50f3a2d727d428ca8993e211fcbfc77dda
Attached is an exploit that crashes the Pointbase 4.6 database server that comes with the J2EE reference implementation. It is caused by the fact that the Pointbase installation coming with j2ee/ri 1.4 is not equipped with an appropriate security manager, thus implicitly giving all jars all permissions. These unlimited permissions can be exploited by an attacker using jdbc to crash the jvm running the pointbase server. Further possible exploitations are information disclosure and remote command injection.
dce14b7ba6ef63416061596683c967a3e51ca10f2c1f0204a348921ccdd803ca
phpShop Project versions 0.6.1-b and earlier are prone to SQL injection attacks, script injection, cross site scripting, and user information disclosure vulnerabilities.
adc0386ff64991975f3cef1848e988a682f780a5a19f78fb561e980f819177e2
Xtreme ASP Photo Gallery Version 2.0 is prone to a common SQL injection vulnerability. The problem occurs when handling user-supplied username and password data supplied to authentication procedures.
18196c49e782ab6139923566eb59889974ae0a3c962a2c04583975e95eea74fa
RapidCache versions 2.2.6 and below suffer from denial of service and directory traversal bugs.
9e8235a36daf36f0ef225186bf427d9237e751f7245e744d783a418c71e1d0f5
WWW File Share Pro versions 2.42 and below allow files outside of the webroot to be overwritten due to improper input validation, and are also susceptible to a denial of service attack when POSTs are made with large amounts of bytes and to a directory authorization bypass.
4c071c11277f22ac564d41f1c75b17b4836ee660374acfd340f21bd50065149a
Local exploit that makes use of a symlink vulnerability in YaST when using SuSEconfig.gnome-filesystem.
b52db200e1ea04d1dd8b34e13eb95b40a438eeed156071a65829e4a699a709a6
Local exploit that makes use of a symlink vulnerability that lies in Antivir for Linux version 2.0.9-9.
16c3a212203098718f24a83489734c130a494f00fe79ca71a4e1ce777906a39d
Remote exploit for Windows FTP server version 1.6. Original vulnerability discovery made by Peter Winter-Smith.
0aec0aed6891ae2629f8a646add69806a9b1a216e29c1bda7b123ef126e05408
phpGedView version 2.65 beta 5 is susceptible to SQL injection attacks, path disclosure issues, cross site scripting, and denial of service attacks.
094b03352c5b18b33d01d1e8130f34dc9ebd3a1a84468e7051f67ce4e422685f
DameWare Mini Remote Control versions 3.73 and below remote exploit. Tested against Windows 2000 with versions 3.68 and 3.72.
ef92006dbb8f3036693f95127cba9c8d48aec7349cfcdc2d8a0a95478c76a758
The ezContents utility allows for arbitrary code execution on the server due to a lack of input validation.
36c30b0d861ec350e51582820117757d408e10079516d49c48514b47eb2d06fe