Pico Security Vulnerabilities
Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary...
7.9AI Score
0.003EPSS
Multiple SQL injection vulnerabilities in PicoPublisher 2.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) page.php or (2)...
8.8AI Score
0.003EPSS
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name in an HTTP request, (3).....
8.6AI Score
0.219EPSS
Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth...
7.8AI Score
0.005EPSS
Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP...
8.5AI Score
0.035EPSS
Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a...
6.8AI Score
0.056EPSS
Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".."...
7.6AI Score
0.018EPSS
Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document...
6.3AI Score
0.003EPSS