The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
CVSS Score
10.0
EPSS Score
0.011
Published
2008-10-30
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-10-23
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header.
CVSS Score
5.0
EPSS Score
0.013
Published
2006-05-03
Page 3