Searching list software vulnerabilities

A URL for a WWW directory allows auto-indexing,

auto-indexing | indexhtml | directory | provides | contain | allows | files | which | file | does | list | URL | not | all |

A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.


Buffer overflow in qpopper 3.0 beta versions al

privileges | versions | overflow | command | qpopper | Buffer | allows | users | local | long | LIST | gain | beta | via |

Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.


Directory traversal vulnerability in Transsoft

vulnerability | Transsoft | attackers | Directory | traversal | allows | before | Broker | FTP |

Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name.


Cooolsoft PowerFTP Server 2.03 allows remote at

Cooolsoft | PowerFTP | Server |

Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".


Add2it Mailman Free 1.73 and earlier allows rem

Mailman | Add2it | Free |

Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter.


Citrix NFuse 1.6 may allow remote attackers to

authentication | applications | applistasp | attackers | accessing | without | Citrix | remote | NFuse | allow | page | list | may |

Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.


ASP-Nuke RC2 and earlier allows remote attacker

submitting | attackers | logged-in | "pseudo" | ASP-Nuke | invalid | earlier | allows | cookie | remote | users | list | RC2 | all |

ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie.


Directory traversal vulnerability in TYPSoft FT

vulnerability | Directory | traversal | TYPSoft | server | FTP |

Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard *.* characters.


BadBlue 1.7.0 allows remote attackers to list t

BadBlue |

BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end.


WebTide 7.04 allows remote attackers to list ar

WebTide |

WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?").


byteHoard 0.7 and 0.71 allows remote attackers

byteHoard |

byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php.


Buffer overflow in CuteFTP 5.0 allows remote at

arbitrary | attackers | response | overflow | command | execute | CuteFTP | Buffer | remote | allows | LIST | code | long | via |

Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.


The (1) write_list and (2) dump_curr_list funct


The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files.


Multiple unknown vulnerabilities in PROMS 0.11

vulnerabilities | Multiple | unknown | PROMS |

Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized users" to (1) view or modify the project member list or (2) modify the todos list.


Directory traversal vulnerability in Golden FTP

vulnerability | Directory | traversal | Server | Golden | FTP |

Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command.


The FTP server in HP-UX 10.20, B.11.00, and B.1

server | HP-UX | FTP |

The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.


MiniGal 2 (MG2) 0.5.1 allows remote attackers t

MiniGal |

MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all.


Directory traversal vulnerability in Dovecot 1.

vulnerability | directories | sequences | attackers | Directory | traversal | Dovecot | mailbox | parent | obtain | allows | remote | names | files | under | beta | list | mbox | via |

Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.


The Extensions manager in Mozilla Firefox 2.0 d

RemoveElement | demonstrated | Extensions | attackers | construct | extension | populate | properly | calling | finding | Firefox | manager | FFsniFF | Mozilla | itself | allows | local | which | hides | list | then | does | name | not | its |

The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extensions, which allows attackers to construct an extension that hides itself by finding its name in the list and then calling RemoveElement, as demonstrated by the FFsniFF extension.


Absolute path traversal vulnerability in list_m

list_main_pagesphp | vulnerability | Cromosoft | Plantilla | traversal | Absolute | Simple | path | PHP |

Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to list arbitrary directories, and read arbitrary files, via an absolute pathname in the nfolder parameter.


Software vulnerabilities results 1 to 20 of 334     
Page: 12345...17