Page 10 of 48 results (0.007 seconds)

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. • http://marc.info/?l=bugtraq&m=87602880019796&w=2 •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1

List of arbitrary files on Web host via nph-test-cgi script. • https://www.exploit-db.com/exploits/19536 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0045 •

CVSS: 5.0EPSS: 8%CPEs: 1EXPL: 1

test-cgi program allows an attacker to list files on the server. • https://www.exploit-db.com/exploits/20435 https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E •