|
313301
|
- |
|
apache
|
http_server
|
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat)…
|
CWE-78
OS Command
|
CVE-2002-0061
|
2024-01-27 05:01 |
2002-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313302
|
- |
|
hypermail_development
|
hypermail
|
Hypermail allows remote attackers to execute arbitrary commands on a server supporting SSI via an attachment with a .shtml extension, which is archived on the server and can then be executed by reque…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2001-0901
|
2024-01-27 05:01 |
2001-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313303
|
- |
|
apache
ncsa
|
http_server
ncsa_httpd
|
phf CGI program allows remote command execution through shell metacharacters.
|
CWE-78
OS Command
|
CVE-1999-0067
|
2024-01-27 05:00 |
1996-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313304
|
- |
|
e107
|
e107
|
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to imag…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2004-2262
|
2024-01-27 04:10 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313305
|
- |
|
yvesglodt
|
i-man
|
I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2005-1868
|
2024-01-27 04:07 |
2005-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313306
|
- |
|
yapig
|
yapig
|
upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP co…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2005-1881
|
2024-01-27 04:07 |
2005-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313307
|
- |
|
deluxebb
|
deluxebb
|
DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupl…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2006-4558
|
2024-01-27 04:02 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313308
|
- |
|
duware_dubanner_project
|
duware_dubanner
|
add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, probably due to client-side enforcement that can be b…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2006-2428
|
2024-01-27 04:01 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313309
|
- |
|
rockliffe
|
mailsite_express
|
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the ca…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2005-3288
|
2024-01-27 04:01 |
2005-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313310
|
- |
|
linux
canonical
debian
mandriva
|
linux_kernel
ubuntu_linux
debian_linux
linux
|
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2005-3181
|
2024-01-27 03:56 |
2005-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
