Category: CGI abuses

ID # Risk Test Title mirroring Webmail Session authentication bypass Forums 2000 <= 3.4.05 script injection Forums 2000 <= 3.4.06 redirection Multiple vulnerabilities Path and SQL Structure Disclosure 1.9.7 SQL injection remote command execution glob vulnerability via open_basedir Remote Command Execution <= 0.5.5 SQL Injection <= 0.6.3 SQL Injection < 3.x Multiple vulnerabilities <= 3.07 SQL injection < 3.0 Admin password change <= 3.1.0 Session Hijacking <= 3.1.0 SQL injection Payment.PHP Remote File Include Vulnerability Multiple Input Validation Vulnerabilities(2) < 4.4.7/5.2.3 Multiple Vulnerabilities < 4.4.3/5.1.3 Multiple Vulnerabilities < 4.4.1/5.1.0 Multiple Vulnerabilities Photo Gallery Picmgr.PHP SQL Injection Photo Gallery Albmgr.PHP SQL Injection SQL Injection Vulnerability SE Profile.php SQL Injection Vulnerability Usercp.PHP SQL Injection Vulnerability <= 4.2 Multiple Remote File Include Vulnerabilities Web Mail < 5.5.1 Multiple Vulnerabilities Web Mail < 4.1.5 Session Vulnerability Web Mail < 5.3.1 Multiple Vulnerabilities Web Mail < 5.2.8 Multiple Vulnerabilities Web Mail < 5.3.0 Multiple Vulnerabilities Multiple SQL Injection Vulnerabilities SQL Injection Vulnerability Multiple Input Validation Vulnerabilities Information Disclosure Remote File Include Unspecified Information Disclosure Origin Spoofing Vulnerability Image Upload HTML Injection Vulnerability Common.PHP Remote File Include CMS Multiple Remote File Include Vulnerabilities CMS GLOBALS[DIR_LIBS] Remote File Include CMS Multiple Input Validation Vulnerabilities CMS Action.PHP SQL Injection CMS Common.PHP Remote File Include Remote PHP Script Code Injection Vulnerability Remote Arbitrary File Upload Vulnerability Remote File Inclusion Vulnerability < 1.1.34 multiple vulnerabilities HTTP Server Multiple Input Validation Vulnerabilities StaticFilter Directory Traversal < 1.4.0sr1, 1.3.11sr4 Multiple Vulnerabilities Portal.PHP SQL Injection Vulnerability <= 1.3a SQL Injection <= 1.2 
Arbitrary Variable Overwrite <= 1.2 SQL Injection Database Configuration Information Disclosure < 1.4.0sr3 Multiple Vulnerabilities Authorization Bypass Vulnerability Multiple Remote Buffer Overflow Vulnerabilities Web Logbook <2.6.1 multiple flaws File Disclosure Vulnerability Remote Directory Traversal Vulnerability Power Board < Multiple Vulnerabilities remote script disclosure Multiple Input Validation Vulnerabilities <= 1.4 Patched Multiple vulnerabilities < 0.9.3 < 2.0.18 Multiple vulnerabilities < 4.4.1/5.0.6 Multiple Vulnerabilities <= 2.9.7 Multiple Vulnerabilities <= 2.9.6 Multiple Vulnerabilities <= 2.0 Denial of Service Multiple Vulnerabilities(2) < 4.20 Multiple Input Validation Vulnerabilities Multiple Remote Input Validation Vulnerabilities Multiple Arbitrary PHP Code Injection Vulnerabilities BBCode Script Injection Vulnerability Showflat.PHP SQL Injection Vulnerability < 6.5.2 Beta2 Multiple Vulnerabilities Addpost_newpoll.PHP Remote File Include < 2.1 Multiple Vulnerabilities <= 2.2.6 - Remote File Include Vulnerability < 6.00.110 Multiple Vulnerabilities code injection (2) Username Enumeration Vulnerability Layers_Toggle.PHP HTTP Response Splitting Export_Handler.PHP File Corruption Vulnerability Multiple SQL Injection Vulnerabilities SQL Injection Vulnerability Website System Voting Manipulation Vulnerability Resetcore.PHP SQL Injection Vulnerability Remote File Disclosure Vulnerability CuteNews Directory Traversal Vulnerability Internet Store 1.0 directory traversal Server Password Leakage via Exception Server Priviledge Escalation Server Authentication leaks via memory Server Proxy Plugin Crash Server SSL T3 Bypass Server Potential Password Disclosure Weakness Server Denial of Service Server Security Role Tag Removal Server Secrets Insecurely Stored Server Start/Stop Site Restriction Enforcement Server Boot Credentials Disclosure Server Pattern Matching Restriction Bypass Server Administrative credentials disclosure Server EJB Bean Removal 
Permissions Server Group Deletion Permission Leakage Server Incorrect Certificate Identity Server Invalid Certificate Chain < 1.2.11 Multiple Vulnerabilities Statistical information disclosure 4D Web Server Directory Traversal Software Auktion Arbitrary File Disclosure avatar.php Arbitrary File Disclosure cached_feed.cgi Arbitrary File Disclosure Systems HTTPBench Arbitrary File Disclosure functions.php File Disclosure Postcards MagicCard.CGI Arbitrary File Disclosure arbitrary command execution SITEWare arbitrary file disclosure CMS 1.0.11 multiple vulnerabilities User Priviledge Escalation Server Potential Password Disclosure Weakness SQL injection Server TRACE request Server Password Disclosure Server Network Port Consumption Server Authentication Failure Disclosure Server JDBC Connection Pool Manipulation Server Multiple Vulnerabilities Server No Logout Server UserLogin password disclosure Server Cookie Cluster Control Server Multiple Vulnerabilities LDAP Anonymous Binds Buffer Overflow CPU starvation Server Multiple Vulnerabilities Access Restriction Bypass Power Board Priviledge Escalation <= 3.0.9 XSS and SQL injection Client-IP Script Injection admin code injection vulnerability admin account creation vulnerability Comment HTML Injection Vulnerability X-Forwarded-For Script Injection Cross-Site Scripting, path disclosure Remote File Include Vulnerability information disclosure cat_ID SQL Injection < 1.0.0 unauthorized access SMTP Server Remote Buffer Overflow < 1.3.11sr1 SQL Injection Vulnerability Cart Multiple Vulnerabilities Privilege Escalation Vulnerability Arbitrary PHP Code Execution XML-RPC for PHP Remote Code Injection < 2.5.6 Multiple Vulnerabilities Admin.PHP SQL Injection Vulnerability Board X <= 1.1 Multiple Vulnerabilities Code Injection via cache_lastpostdate cookie PHP Code Injection Made Simple Remote File Include Vulnerability < 6.7.3 Command Execution Vulnerabilities < 4.66z Multiple vulnerabilities Directory Traversal and HTML Injection 
Viewtopic.PHP Remote Code Execution Serendipity XML-RPC for PHP Remote Code Injection XML-RPC for PHP Remote Code Injection Power Board Multiple Vulnerabilities Multiple Input Validation Vulnerabilities Shadow BBCode Tag JavaScript Injection Bulletin Board Corruption Center Live Multiple Vulnerabilities Photo Album Multiple vulnerabilities(3) Mail Server Multiple Vulnerabilities Center Live Multiple Vulnerabilities Burning Board Multiple Vulnerabilities Multiple Vulnerabilities Wp-login.PHP HTTP Response Splitting Multiple XSS, HTML and SQL Injection Multiple XSS and SQL Injection WP-Trackback.PHP SQL Injection <= 0.617 Multiple Vulnerabilities Power Board <2.0.4 Multiple Vulnerabilities Serendipity Multiple Remote Vulnerabilities Serendipity Exit.PHP SQL injection Serendipity Plugin HTML Injection Serendipity Multiple Remote Vulnerabilities CMS SQL Injection Multiple vulnerabilities(2) XSS and SQL injection Photo Gallery FAVPICS SQL Injection Printthread.PHP SQL Injection HTTP Server Invalid POST Request DoS HTTP Daemon POST Data Buffer Overflow HTTP Daemon Missing Content-Type Field DoS HTTP Daemon Missing Host Field DoS HTTP Daemon < 0.9.1 Multiple Vulnerabilities Photo Gallery Displayimage.PHP SQL Injection Photo Gallery Voting Restriction Failure KB.php SQL injection Power Board Index.PHP SQL Injection Power Board Calendar.PHP SQL Injection Power Board ST Parameter SQL Injection(2) Power Board Error Message Path Disclosure 4.3.10, 5.0.3 multiple vulnerabilities Power Board SSI.PHP SQL Injection Power Board Index.PHP Post Action SQL Injection Power Board SML Code Script Injection Power Board HTML Injection Power Board ST Parameter SQL Injection Cart Multiple Vulnerabilities Cart SQL Injection Vulnerability Cart HTTP Response Splitting Cart Multiple Vulnerabilities Multiple SQL vulnerabilities Pro Web Admin DoS Vulnerability Pro Webmail Session Hijacking the version of CommuniGate Pro Web Server XSS and SQL injection attacks XSS and SQL injection attacks Image 
File Format Remote Denial Of Service Multiple Local File Include Vulnerabilities Multiple Input Validation Vulnerabilities Remote Command Execution Multiple Vulnerabilities Export.PHP File Disclosure Remote Command Execution Web Logbook Multiple Buffer Overflow SQL Injection(2) Calendar Script SQL Injection Mail Server Directory Traversal(2) Mail Server Pro Mail Loop DoS Mail Server Pro E-Mail HTML Injection New User Denial of Service Mail Server Authentication Bypass Mail Server Directory Traversal Mail Server Multiple GET Requests DoS Image Upload Authentication Bypass Action Parameter Arbitrary File Disclosure Forum_Search.PHP Information Disclosure Viewthread.PHP Information Disclosure SQL Injection Vulnerability File Disclosure Vulnerability Editpost.PHP SQL Injection Vulnerability HTML and SQL injection vulnerabilities Image Upload Code injection attack Authentication SQL Injection Vulnerability 1.3 multiple vulnerabilities database contents disclosure Image Manager Unauthorized File Upload 4.2.2 code injection vulnerability 4.0.3 IMAP Module Buffer Overflow Vulnerability Socket Integer Overflow Error Logging Format String Vulnerability Upload Arbitrary File Disclosure Vulnerability CGI SAPI Code Execution Vulnerability HTTP POST Incorrect MIME Header Parsing Vulnerability 4/5 Arbitrary File Upload 4/5 Multiple Vulnerabilities Autologin Priviledge Escalation Vulnerability code injection and file disclosure SQL injection vulnerability code injection and file disclosure sendpm.php file read vulnerability PM Deletion CMS Cross Site scripting vulnerabilities Nested BBcode Script Injection Vulnerability arbitrary file disclosure vulnerability Fetch All arbitrary file disclosure code injection SQL injection(3) SQL injection(2) SQL injection Multiple vulnerabilities Script injection vulnerability MEMBER.PHP SQL Injection Vulnerability Multiple vulnerabilities Tar.php arbitrary code execution remote code execution vulnerability code injection and file disclosure 
Remote Information Retrieval multiple vulnerabilities directory traversal Ball File Manager Remote File Access Remote Command Execution WebServer Empty Request DoS WebServer Invalid Request Buffer Overflow Mail Form mail relay vulnerability Multiple Remote Vulnerabilities HTTP Server buffer overflow HTTP Server multiple vulnerabilities Web Logbook multiple flaws SQL injection arbitrary file disclosure XSS, authentication flaws eSupport SQL injection and XSS WASD HTTP Vulnerabilities remote script disclosure 0.3.6 multiple vulnerabilities HTML Injection Web Root Disclosure Vulnerable to Denial of Service directory listing Webserver directory traversal Private Network Information Leak jsp source disclosure 4.3.2 integer overflow safe mode bypass vulnerability code injection Cross Site Scripting WCCP and Gopher vulnerabilities XSS and Information Disclosure vulnerability WebLogging directory traversal vulnerability source using Microsoft Translate f: bug (IIS 5.1) Multiple Vulnerabilities Detection finduser SQL Injection Budgetone Default Password Remote File Include Vulnerability AutoPilot Multiple Vulnerabilities Multiple Vulnerabilities HTTP Response Splitting Center Live Multiple Vulnerabilities SQL Injection Multiple Flaws arbitrary file reading Cross-Site Scripting Vulnerability Gallery Multiple Flaws SQL injection vulnerabilties XSS and SQL injection issues GNUBoard Remote File Inclusion ASP Calendar Administrative Access injection in iWebNegar SQL Injection Cross Site Scripting Cross Site Scripting Vulnerabilities Remote File Access Vulnerability Unspecified Vulnerability Policy Manager Path Disclosure Live! 
Remote Configuration File Include 'data fork' file access Torrent Cross Site Scripting password hash disclosure Error Message Path Disclosure Vulnerability Jakarta Cross-Site Scripting Vulnerability Unspecified Authentication Bypass Vulnerability Torrent Remote Directory Traversal XSS sendtofriend.php SQL injection pnTresMailer Directory Traversal Remote Directory Listing Vulnerability Unspecified Vulnerability Multiple Input Validations Power Board Post SQL Injection Vulnerability Power Board Arcade SQL Injection Vulnerability Unspecified Vulnerability sql injection SQL Injection Detection Detection JiNN Application Unspecified Vulnerability decodeHeader HTML injection vulnerability Multiple Flaws (3) MailPost Multiple Flaws Unspecified HTML Injection Vulnerability Authentication Bypass and Information Disclosure dosearch.php SQL injection Backup File Disclosure FrontPage Extension Flaws Domino XSS (2) Multiple Vulnerabilities Remote File Include multiple vulnerabilities CMS Lite Remote File Include SQL injection PHP_Variables Memory Disclosure Portal Multiple Input Validation Vulnerabilities Application Portal Information Disclosure MegaBBS multiple vulnerabilities guestbook remote file include SQL Injection SQL Injection SQL Injection Server4 Authentication Bypass Input Validation Issues E-Market File Disclosure SQL injection and Cross Site Scripting Issues File Inclusion Multiple Vulnerabities HTML Injection Vulnerability SQL Injection Dictionary Module Cross Scripting Vulnerability HTML Injection Vulnerability Security Vulnerability File Sharing Web Server ACL Bypass HTML Attachement Script Execution Plesk Reloaded Cross Site Scripting Vulnerability Cross Site Scripting Vulnerability Directory Traversal ulog-php SQL injection Unauthorized Page Access Cross-Site Scripting Vulnerability Cross-Site Scripting Vulnerability Database Backup Disclosure Script Execution SQL Injection and Directory Traversal database disclosure Multiple Flaws (2) New List Cross Site 
Scripting Web Access Version command execution multiple flaws XSS and Local escalation HelpDesk Authentication ByPass LDACGI Directory Traversal Install Script Reviews XSS injection in Antiboard Watchdog sresult.exe XSS Search Cross Site Scripting Vulnerability math_sum.mscgi multiple flaws Private Message HTML Injection Access Control Bypass FileManager Directory Traversal < 1.3.3 Tag Board Admin Bypass Cross Site Scripting Vulnerability Multiple Flaws (2) authentication bypass Robotics Disclosed Password Check Report virtual directory traversal AP Hidden Password Check Hidden Password Check injection in JPortal default.cfg file search Source Code Disclosure Services Web Detection IIS Cookie information disclosure Server reverse proxy bug Server load balancer detection file include Command Execution Login Command Execution SQL injection WebMail multiple vulnerabilities Cross-Site scripting vulnerabilities Privilege Escalation Shopping Cart SQL injection Cross Site Scripting Vulnerabilities arbitrary file reading Corp. 
Online Store Kit More.php Injection Vulnerability User Authentication Vulnerability VBulletin XSS Portal XSS Site Server XSS X-Cart remote command execution injection in Photopost PHP Pro arbitrary file reading arbitrary file reading's blog.cgi command execution multiple flaws portal file disclosure code injection (3) remote command execution Code injection Vulnerability injection in XTreme ASP Photo Gallery Code injection Vulnerability code injection code injection traversal (2) MailList Information Disclosure cross site scripting SQL injection shopsearch SQL injection malformed query code execution Overflow (MS03-051) SQL flaws'Les Visiteurs' script injection injection code injection (2) Store Front code injection Wordpress SQL injection code injection Path Disclosure multiple flaws xss command execution Ashnews code injection Users Disclosure file reading SQL Injection SQL Injection SQL injection arbitrary file upload Invalid Query Path Disclosure cross site scripting Soft Jeus Cross Site Scripting Forum_Details.PHP Cross Site Scripting cleartext passwords's Multiple Flaws Web Server Overflow Command Execution StoryServer TCL code injection SQL injection Multiple XSS XSS CGI Exploit Scanner code injection overflows files reading Flaws code injection Default Password injection in XPression Software multiple issues 2000 browse_item_details.asp SQL injection source disclosure User Account Disclosure format string attack running database access Admin Interface XSS Shoutbox Directory Traversal Son hServer Directory Traversal Rating System Denial Of Service philboard_admin.ASP Authentication Bypass XSS PHP Board admin_ip.php code injection Admin Access shoutbox file inclusion cafelog code injection information disclosure (2) DoS bypass sql injection iiprotect administrative interface Default Passwords Application Server source disclosure Multiple Flaws code injection Path Disclosure Directory Cross Site Scripting SQL injection Configuration File Remote Access server 
flaws code injection file reading version.two privilege escalation clear-text passwords Login bypass Cookie Admin Access wildcard DNS cross site scripting vulnerability Forums Cmd execution multiple flaws file overwrite Cross Site Scripting ENV tags SQL injection IVE XSS arbitrary command execution WebLogic Scripts Server scripts Source Disclosure (3) Command Execution Path Disclosure Database Download Forums 2000 Password Reset and XSS WebMail overflows SoftWeb Guestbook database disclosure News Unauthorized Administrative Access SE command execution SQL Injection admin access Command Execution Shopping Cart Command Execution Shopping Cart Path disclosure code injection HTTPd file truncation XSS and insecure temporary filenames SQL injection SQL injection Wiz Forums database disclosure config disclosure Guestbook XSS Guestbook config disclosure Wiz Site News / Compulsize Media CNU5 database disclosure SQL injection Information Disclosure Cross Site Scripting StoryServer Information Disclosure WebC.cgi buffer overflows WebC.cgi installed password disclosure XSS Username Spoofing XSS flaws guestbook's guestbook upload spoofing code injection XSS default CGI info disclosure admin access SQL injection Poll info.php information disclosure XSS SQL injection Path Disclosure Code Injection arbitrary file reading information disclosure XSS information disclosure server traversal Multiple Flaws Password Disclosure frontpage installation Academy Directory Traversal 9iAS web admin Mutiple Flaws path disclosure tr3 password storage Cross Site Scripting command execution CGIs download path disclosure information disclosure XSS command execution Frontpage XSS Domino XSS Path Disclosure installed remote command execution overflow Linux (lxr) file reading Deluxe XSS File Manager Filename Script Injection Site Server Cookie Validation Logbook cgi users disclosure traversal plus code injection code execution code injection code injection code injection installed webcams arbitrary 
file reading function execution remote command execution code injection code injection file reading PowerBoard code injection is installed on the remote host Web Content Management code injection detection / MDAC Vulnerability Content-Type overflow arbitrary files reading code injection code injection command execution Manager's edit_image.php code injection code injection Search Engine File Viewing SQL injection Site Server Information Leak Cross Site Scripting Domino Banner Information Disclosure Vulnerability Physical Path Disclosure Vulnerability Perl directory traversal WebLogic Scripts Server scripts Source Disclosure (2) .HTR ISAPI filter applied overflow Directory Traversal Vulnerability Cross Site Scripting path disclosure Gallery Add-on File View Tomcat Path Disclosure Session Hijacking Bug's htsearch potential exposure/dos dir traversal Webboard's generate.cgi traversal DoS Physical Path Disclosure Vulnerability pro web traversal CGIs arguments torture Traversal's _ncl_items.shtml traversal' opendir's catinfo overflow CGI vulnerability' tstisap.dll overflow cgi path document path JRun Directory Listing directory traversal includes download's common.cgi Directory Server traversal desk's main.cgi Image updating Method phonebook Index directory traversal vulnerability 3.1.x Remote DoS whois : Directory listing through WebDAV directory browsable ? 
cgi listing through Sambar's search.dll directory browsable ?'s Java Web Server remote command execution listing through WebDAV CGI script sources using /cgi-bin-sdb Overflow web server traversal any file thanks to ~nobody/ source.asp Server /%00/ bug's snoop servlet gives too much information's /admin is world readable buffer overflow overflow in WebSitePro webfind.exe Piped command world readable log file Administration Server admin password shows the listing of any dir 1.80 gives a shell to cvs committers DocumentTemplate package problem's viewsource.jsp reveals full path buffer overrun overflow dangerous sample files Frontpage dvwssr.dll backdoor Web+ Input Validation Bug Vulnerability allows any user to execute arbitrary commands publishingXpert 2 PSUser problem source using %2e trick source using ::$DATA trick check check is world readable's Index server reveals ASP source code Server ?wp bug CGI shows the content of the cgi scripts remote configuration pro reveals the physical file path of web directories misconfiguration server traversal overflow visadmin exploit cgi siteUserMod cgi in /cgi-bin Web Server CGI scripts Powerplay WE Vulnerability vulnerability buffer overrun interpreter can be launched as a CGI FastTrack 'get' Server ?PageServices bug CGI overflow Personal WebServer ... Statistic Server Buffer Overflow cgi directory browsable perl.exe problem directory traversal Free search.cgi directory traversal Frontpage 'authors' exploits Frontpage exploits cgi 3.0 for WebServers HTTP server exposes the set up of the filesystem buffer overrun httpd problem Axis Storpoint CD authentication tests CGIs Intranet Search CGI vulnerability vulnerability possible DoS using ExAir's search possible DoS using ExAir's query possible DoS using ExAir's advsearch Vulnerability

© 1998-2024 E-Soft Inc. All rights reserved.