cgi Exploits

Date D A V Description Plat. Author
2005-06-11 - Verified Webhints <= 1.03 Remote Command Execution Exploit (perl code) (1) cgi Alpha_Programmer
2005-06-11 - Verified Webhints <= 1.03 - Remote Command Execution Exploit (c code) (2) cgi Alpha_Programmer
2005-06-11 - Verified Webhints <= 1.03 Remote Command Execution Exploit (perl code) (3) cgi MadSheep
2005-06-15 - Verified eXtropia Shopping Cart web_store.cgi Remote Exploit cgi Action Spider
2005-07-25 - Verified FtpLocate <= 2.02 (current) Remote Command Execution Exploit cgi newbug
2005-08-18 - Verified GTChat <= 0.95 Alpha Remote Denial of Service Exploit cgi RusH
2005-08-23 - Verified GTChat <= 0.95 Alpha (adduser) Remote Denial of Service Exploit cgi VTECin5th
2005-09-04 - Verified man2web <= 0.88 Multiple Remote Command Execution Exploit (update2) cgi tracewar
2005-09-27 - Verified Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta) cgi Nicolas Gregoire
2006-02-06 - Verified MyQuiz 1.01 (PATH_INFO) Arbitrary Command Execution Exploit cgi Hessam-x
2006-02-17 - Verified AWStats < 6.4 (referer) Remote Command Execution Exploit cgi RusH
2006-04-13 - Verified Censtore <= 7.3.x (censtore.cgi) Remote Command Execution Exploit cgi FOX_MULDER
2006-04-13 - Verified quizz <= 1.01 (quizz.pl) Remote Command Execution Exploit cgi FOX_MULDER
2006-04-14 - Verified SysInfo 1.21 (sysinfo.cgi) Remote Command Execution Exploit cgi rgod
2006-04-15 - Verified Symantec Sygate Management Server - (login) SQL Injection Exploit cgi Nicob
2006-05-06 - Verified AWStats <= 6.5 (migrate) Remote Shell Command Injection Exploit cgi redsand
2006-06-02 - Verified iShopCart vGetPost() Remote Buffer Overflow Exploit (cgi) cgi K-sPecial
2006-08-28 - Verified Cybozu Products (id) Arbitrary File Retrieval Vulnerability cgi Tan Chew Keong
2006-08-28 - Verified Cybuzu Garoon 2.1.0 - Multiple Remote SQL Injection Vulnerabilities cgi Tan Chew Keong
2007-01-01 - Verified WWWBoard 2.0 (passwd.txt) Remote Password Disclosure Vulnerability cgi bd0rk
2007-01-29 - Verified CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit cgi Ralf S. Engelscha.
2007-03-04 - Verified RRDBrowse <= 1.6 - Remote Arbitrary File Disclosure Vulnerability cgi Sebastian Wolfgar.
2007-08-06 - Verified YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure cgi GoLd_M
2007-08-06 - Verified CartWeaver (Details.cfm ProdID) Remote SQL Injection Vulnerability cgi meoconx
2007-08-14 - Verified IBM Rational ClearQuest Web Login Bypass SQL Injection Vulnerability cgi s4squatch