Searching book software vulnerabilities

By design, Maximizer Enterprise 4 calendar and

Enterprise | arbitrary | Maximizer | calendar | program | address | design | modify | shared | allows | being | other | users | book |

By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared.


Vulnerability in (1) Book of guests and (2) Pos

Vulnerability |

Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.


book.cgi in NetCode NC Book 0.2b allows remote

metacharacters | attackers | arbitrary | "current" | parameter | commands | execute | bookcgi | NetCode | remote | allows | shell | Book | 02b | via |

book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter.


Electronic Code Book (ECB) mode in VTun 2.0 thr

Electronic | Book | Code |

Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain senstive information.


Buffer overflow in the book_format_sql function

book_format_sql | function | xlreader | overflow | formatc | Buffer |

Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code via a crafted Excel (XLS) file.


Cross-site scripting (XSS) vulnerability in gue

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field.


SQL injection vulnerability in addentry.php in

vulnerability | addentryphp | user-agent | arbitrary | attackers | parameter | injection | versions | possibly | commands | Woltlab | Burning | execute | remote | allows | other | Book | Gold | 111e | SQL | via |

SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter.


Gurgens (GASoft) Guest Book 2.1 stores the db/G

Gurgens |

Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords.


Unspecified vulnerability in BEA WebLogic Porta

vulnerability | restrictions | entitlements | Unspecified | attackers | WebLogic | crafted | through | access | bypass | remote | Portal | allows | pages | using | URLs | Book | SP4 | BEA | via |

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when using entitlements, allows remote attackers to bypass access restrictions for the pages of a Book via crafted URLs.


The Fetch.FetchContact.1 ActiveX control (Fetch

FetchFetchContact1 | control | ActiveX |

The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7.0 allows remote attackers to read the Windows Address Book via the FullAddressBook method.


Direct static code injection vulnerability in c

vulnerability | injection | configphp | vscripts | Direct | static | code |

Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts.


Multiple SQL injection vulnerabilities in the a

vulnerabilities | authentication | injection | Multiple | katzlbt | process | SQL |

Multiple SQL injection vulnerabilities in the authentication process in katzlbt (a) The Address Book 1.04e and earlier and (b) The Address Book Reloaded before 2.0-rc4 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. NOTE: portions of these details are obtained from third party information.


Directory traversal vulnerability in users.php

vulnerability | arbitrary | attackers | traversal | Directory | usersphp | Address | include | remote | allows | files | Book | 104e | via |

Directory traversal vulnerability in users.php in The Address Book 1.04e allows remote attackers to include arbitrary files via a .. (dot dot) in the language parameter.


register.php in The Address Book 1.04e allows r

Self-Registration" | registerphp | arbitrary | attackers | "confirm" | parameter | Address | setting | create | remote | allows | bypass | "Allow | users | 104e | Book | User | mode |

register.php in The Address Book 1.04e allows remote attackers to bypass the "Allow User Self-Registration" setting and create arbitrary users by setting the mode parameter to "confirm".


The Remote UI in Canon imageRUNNER includes use

context-dependent | imageRUNNER | information | exporting | attackers | passwords | sensitive | usernames | includes | address | obtain | Remote | allows | Canon | which | book |

The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information.


SQL injection vulnerability in guestbookview.as

guestbookviewasp | vulnerability | attackers | arbitrary | injection | parameter | commands | execute | earlier | Dreams | Techno | remote | allows | Guest | Book | SQL | key | via |

SQL injection vulnerability in guestbookview.asp in Techno Dreams Guest Book 1.0 earlier allows remote attackers to execute arbitrary SQL commands via the key parameter.


Cross-site scripting (XSS) vulnerability in pbg

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in pbguestbook.php in JAB Guest Book allows remote attackers to inject arbitrary web script or HTML via the author parameter.


Cross-site scripting (XSS) vulnerability in gol

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in golden book allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.


SQL injection vulnerability in info_book.asp in

vulnerability | info_bookasp | arbitrary | attackers | injection | parameter | commands | execute | Digirez | earlier | book_id | allows | remote | SQL | via |

SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.


PHP remote file inclusion vulnerability in smil

vulnerability | smiliesphp | attackers | inclusion | parameter | arbitrary | execute | config | allows | remote | Scorp | code | Book | file | PHP | via | URL |

PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter.


Software vulnerabilities results 1 to 20 of 71     
Page: 1234