Searching link mainphp software vulnerabilities

Microsoft Outlook Express allows remote attacke

vulnerability | Mail-Browser | "Persistent | persistent | attackers | Microsoft | creating | Outlook | browser | Express | windows | monitor | allows | user's | remote | email | Link" | link | aka |

Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.


Transsoft Broker 5.9.5.0 allows remote attacker

Transsoft | Broker |

Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.


NTFS file system in Windows NT 4.0 and Windows

Windows | system | NTFS | file |

NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.


Hard link and possibly symbolic link following

vulnerabilities | following | symbolic | possibly | RTOS | Hard | link | QNX |

Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.


The web server for D-Link DP-300 print server a

attackers | service | allows | remote | denial | D-Link | server | DP-300 | print | cause | web |

The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request.


psbanner in the LPRng package allows local user

/tmp/before | overwrite | arbitrary | psbanner | symbolic | package | allows | attack | files | local | users | LPRng | file | link | via |

psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.


Portage before 2.0.50-r3 allows local users to

overwrite | arbitrary | lockfiles | 2050-r3 | Portage | before | allows | attack | files | users | local | link | hard | via |

Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.


Microsoft Internet Explorer 6.0 SP1 allows remo

attackers | Microsoft | Explorer | Internet | service | denial | allows | remote | cause | SP1 |

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (browser crash) via a link with "::{" (colon colon left brace), which triggers a null dereference when the user attempts to save the link using "Save As" and Internet Explorer prepares an error message with an attacker-controlled format string.


login.cgi in Community Link Pro Web Editor allo

parameter | arbitrary | attackers | Community | logincgi | commands | execute | remote | Editor | allows | file | Link | via | Web | Pro |

login.cgi in Community Link Pro Web Editor allows remote attackers to execute arbitrary commands via the file parameter.


Cross-site scripting (XSS) vulnerability in Lin

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) link parameter to tell_friend.php, (2) phrase[] parameter to search.php in a search_links_advanced action, and the (3) direction or (4) sort parameter to articles.php.


Cross-site request forgery (CSRF) vulnerability

Cross-site | forgery | request |

Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.


SQL injection vulnerability in PCPIN Chat 5.0.4

vulnerability | injection | PCPIN | Chat | SQL |

SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (login parameter) to main.php.


SQL injection vulnerability in index.php in Boo

vulnerability | Barracuda | arbitrary | injection | attackers | commands | indexphp | execute | earlier | BoonEx | remote | allows | via | SQL |

SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality.


Multiple SQL injection vulnerabilities in APBoa

vulnerabilities | arbitrary | injection | attackers | commands | Multiple | execute | earlier | APBoard | remote | 22-r3 | allow | via | SQL |

Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID parameter in board.php and (2) viewcatmod parameter in main.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | attackers | parameter | arbitrary | Multiple | Johannes | earlier | execute | Erdfelt | remote | config | allow | Kawf | code | file | PHP | via | URL |

Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt Kawf 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config parameter in (1) main.php or (2) user/account/main.php.


D-LINK DWL-2000AP+ firmware 2.11 allows remote

DWL-2000AP+ | firmware | D-LINK |

D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.html (aka the administration page) in PHP Link Directory (phpLD) 3.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted link, which is triggered when the administrator uses the "Validate Links" functionality.


The terminal_helper_execute function in termina

terminal_helper_execute | terminal/terminalc | Terminal | function | Xfce |

The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7.


Software vulnerabilities results 1 to 20 of 239     
Page: 12345...12