Exploitdb Exploits
2,809 exploits tracked across all sources.
Microburst Technologies uDirectory <2.0 - Command Injection
udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field.
by Igor Dobrovitski
Apache HTTP Server - Directory Listing via Excessive Slash Characters
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
by farm9
Apache HTTP Server - Directory Listing via Excessive Slash Characters
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
by farm9
Apache HTTP Server - Directory Listing via Excessive Slash Characters
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
by rfp
Broker FTP Server 5.9.5.0 - Denial of Service via Invalid CD Command
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.
by byterage
Pragma InterAccess 4.0 build 5 - Denial of Service via Telnet Port Overflow
telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow.
by nemesystm
Netscape Enterprise Server 4.1 - HTTP Method Name Buffer Overflow
by Robert Cardona
Internet Information Server < 5.0 - Directory Traversal via Double-Encoded Dot-Dot Sequences
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
by Cyrus The Gerat
iPlanet Web Server Enterprise Edition <= 4.1 - Buffer Overflow via Long URI in Web Publisher
Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.
by Santi Claus
DCScripts DCForum <=2000 - Privilege Escalation
DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database.
by Franklin DeMatto
Hughes Technologies Virtual DNS Server 1.0 - Denial of Service via Port 6070 Connection
Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection.
by neme-dhc
WebStore 400/400CS 4.14 - Authenticated Remote Code Execution via ws_mail.cgi kill Parameter
ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.
by Igor Dobrovitski
WebStore 400 - Authentication Bypass via Null Character or Dot-Dot Filename
WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot).
by Igor Dobrovitski
Windows 2000 - Buffer Overflow in Internet Printing ISAPI Extension
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
by storm
Oracle 8 Server - 'TNSLSNR80.EXE' Denial of Service
Linux Kernel - Firewall Bypass via FTP PORT Command
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
by Cristiano Lincoln Mattos
NetBSD - Remote Code Execution via Long Pattern String with {} Sequence
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
by Elias Levy
Infodrom cfingerd <1.4.3 - Privilege Escalation
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
by Lez
CVSS 9.8
nph-maillist.pl - Command Injection
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
by Kanedaaa
Gene6 G6 FTP Server <2.0 - Info Disclosure
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled.
by Rob Beck
Gene6 G6 FTP Server 2.0 - Info Disclosure
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
by Rob Beck
Aspseek < 1.0.3 - Remote Code Execution via Long HTTP Query String or tmpl Parameter
Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via (1) a long HTTP query string, or (2) a long tmpl parameter.
by teleh0r
Internet Information Services 5.0 - Denial of Service via Malformed WebDAV Requests
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
by Georgi Guninski
Cisco IOS 11.3-12.2 - Unauthenticated Command Execution via High Access Level URL
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
by hypoclear
sendtemp.pl - Directory Traversal via Templ Parameter
Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter.
by Tom Parker
By Source