Rolis Guestbook version 1.0 is susceptible to php injection cross site scripting attacks.
79e815ebb7be676e76426a0e17297e327cf6c44d0c6d1dacc79e8088de2b8dc8
phpWebFileManager version 2.0.0 is susceptible to a directory traversal attack due to a lack of input validation.
11a43dc0602f1582c83e6543b3980c8c54dc65ad457fb56add731e8860a3b758
NetServe version 1.0.7 suffers from a directory traversal vulnerability that allows a remote attack to download any file outside of the webroot. Using this knowledge, a remote attacker can exploit this vulnerability to access the config.dat file that holds the login and password for the administrative account. Tested on Microsoft Windows XP and 2000.
852c4463ccb97a58ecaf9041db4c846ee003660cb27e1d5da9855d1d9bf1cbe7
pServ 2.0.x Beta webserver remote exploit that makes use of the User-Agent HTTP Header buffer overflow.
5c7a46786ee5ec0c5d78688145e1527fbd30b89d6df3a01b81f5ebb54be1a36d
Atstake Security Advisory A111703-2 - A directory traversal vulnerability lies in the web-tools component of the SAP database server that enables any remote attacker to gain access to any file on the host due to the server running as SYSTEM. The Web Agent Administration service pages are also open by default, allowing any remote attacker to reconfigure the server as they see fit and the service also has at least one buffer overflow vulnerability. Default services within the Web Agent, such as waecho, contain buffer overflows that can be exploited remotely. The session identification generated is also considered to be unsafe since they are stored in the URL and not kept in a cookie either.
cfe1dbd3931e689a57bfc15b63567e94bcca765a6d0bc9f4b283731e4015c6bd
Atstake Security Advisory A111703-1 - Using the SQLAT stored procedure, a local attacker can obtain system access by swapping the NETAPI32.DLL in the current working directory. There is also a remote buffer overflow in the niserver interface on TCP port 7629.
3fbb71973327006d5917535cafb01158647356e443df45dc5dcdececc29c125b
Frontpage Server Extensions remote exploit which creates a shell on tcp port 9999 and uses the bug described in ms03-051. Tested on Windows 2000 Professional SP3 English version, fp30reg.dll ver 4.0.2.5526. Bug discovered by Brett Moore.
0525c03ba09b7ba2b7fdb64cf62b8da14bba89c6449b6742c2eab4d12dda2e59