Searching active software vulnerabilities

A configuration in a web browser such as Intern

configuration | Javascript | Navigator | execution | Netscape | Explorer | Internet | content | ActiveX | browser | allows | active | Java | such | etc | web |

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.


FileSystemObject (FSO) in the showfile.asp Acti

FileSystemObject |

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.


The Microsoft Active Setup ActiveX component in

manufacturer | software's | components | component | Microsoft | prompting | attacker | software | Explorer | Internet | without | stating | ActiveX | install | remote | Active | allows | Setup | user |

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.


admin.cgi in Active Classifieds Free Edition 1.

configuration | Classifieds | table_width | privileges | commercial | attackers | parameter | arbitrary | versions | possibly | admincgi | Edition | execute | remote | Active | allows | modify | code | Free | gain | Perl | via |

admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter.


Phorum 3.3.2 allows remote attackers to determi

Phorum |

Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.


Cross-site scripting vulnerability in TransWARE

vulnerability | Cross-site | TransWARE | scripting | Active | mail |

Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered.


Unknown vulnerability in the FTP server (in.ftp

vulnerability | Unknown | server | FTP |

Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients.


add_bookmark.php in Active PHP Bookmarks (APB)

add_bookmarkphp | Bookmarks | Active | PHP |

add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter.


The RPC Runtime Library for Microsoft Windows N

Microsoft | attackers | Windows | service | Runtime | Library | active | denial | memory | remote | allows | cause | read | RPC |

The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.


Zone Labs IMsecure and IMsecure Pro before 1.5

extenstions | containing | Filtering | attackers | IMsecure | instant | encoded | message | Active | before | remote | bypass | allow | file | Labs | Link | Zone | Pro | via | URL | hex |

Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extenstions.


Red-M Red-Alert 2.7.5 with software 3.1 build 2

Red-Alert | Red-M |

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.


Ingate Firewall 4.1.3 and earlier does not term

Firewall | Ingate |

Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.


PY Software Active Webcam WebServer (webcam.exe

WebServer | Software | Webcam | Active |

PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Filelist.html.


SQL injection vulnerability in admin/login.asp

admin/loginasp | vulnerability | arbitrary | attackers | injection | password | commands | execute | Manager | Active | allows | remote | News | SQL | via |

SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password.


Race condition in Cisco Adaptive Security Appli

condition | Appliance | Adaptive | Security | Cisco | Race |

Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), and 7.0(4), when running with an Active/Standby configuration and when the failover LAN interface fails, allows remote attackers to cause a denial of service (standby firewall failure) by sending spoofed ARP responses from an IP address of an active firewall, which prevents the standby firewall from becoming active, aka "failover denial of service."


SQL injection vulnerability in default.asp in A

ActiveWebSoftwares | vulnerability | defaultasp | attackers | arbitrary | injection | parameter | commands | execute | Gallery | Active | allows | remote | catid | Photo | SQL | via |

SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Photo Gallery allows remote attackers to execute arbitrary SQL commands via the catid parameter.


SQL injection vulnerability in default.asp in A

ActiveWebSoftwares | vulnerability | defaultasp | arbitrary | attackers | injection | parameter | commands | execute | remote | Active | Engine | allows | catid | Link | SQL | via |

SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter.


SQL injection vulnerability in ViewNewspapers.a

ViewNewspapersasp | vulnerability | NewsPaperID | Newsletter | attackers | arbitrary | injection | parameter | commands | execute | earlier | Active | allows | remote | SQL | via |

SQL injection vulnerability in ViewNewspapers.asp in Active Newsletter 4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsPaperID parameter.


SQL injection vulnerability in default.asp in A

vulnerability | defaultasp | attackers | arbitrary | injection | parameter | commands | execute | Active | allows | remote | catid | Trade | SQL | via |

SQL injection vulnerability in default.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.


SQL injection vulnerability in default.asp in A

ActiveWebSoftwares | vulnerability | defaultasp | attackers | arbitrary | injection | parameter | commands | execute | Auction | Active | allows | remote | catid | SQL | Pro | via |

SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.


Software vulnerabilities results 1 to 20 of 85     
Page: 12345