steve gustin vulnerabilities and exploits

(subscribe to this query)

CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page.

Cgiscript.net Cspassword 1.0

2 EDB exploits

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote malicious users to obtain the information via a "remove" option in the command parameter, which ge...

Cgiscript.net Cspassword 1.0

1 EDB exploit

csSearch.cgi in csSearch 2.3 and previous versions allows remote malicious users to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.

Cgiscript Cssearch Professional

1 EDB exploit

CGIscript.net csMailto.cgi allows remote malicious users to execute arbitrary commands via shell metacharacters in the form-attachment field.

Cgiscript.net Csmailto

1 EDB exploit

CGIScript.net csNews.cgi allows remote malicious users to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb.

Cgiscript.net Csnews 1.0 Cgiscript.net Csnews 1.0 Professional

1 EDB exploit

CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.

Cgiscript.net Csnews 1.0 Professional Cgiscript.net Csnews 1.0

1 EDB exploit

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook