matching software vulnerabilities
vulnerabilities.aspcode.net
Searching matching software vulnerabilities
The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.
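The throttle semantics the Swatch entry describes (collapse repeats of one event inside a period, but report the next occurrence once the period has elapsed) are easy to get wrong in exactly the way the entry names. The following is an added example, not Swatch code: a throttle keyed on the watchfor name plus the captured source address, run over a few constructed log lines. The regex, the 60-second window and the log lines are assumptions chosen for the demonstration.

```python
import re
from dataclasses import dataclass, field

# Constructed log lines (not from the page); the first field is seconds since start.
SAMPLE_LOG = [
    (0,   "sshd[1]: Failed password for root from 10.0.0.5 port 4000"),
    (10,  "sshd[1]: Failed password for root from 10.0.0.5 port 4001"),
    (50,  "sshd[1]: Failed password for root from 10.0.0.5 port 4002"),
    (61,  "sshd[1]: Failed password for root from 10.0.0.5 port 4003"),  # window expired: must be reported
    (70,  "sshd[1]: Failed password for root from 10.0.0.9 port 4004"),  # different source: its own window
    (80,  "cron[2]: (root) CMD (run-parts /etc/cron.hourly)"),           # no watchfor matches: ignored
    (200, "sshd[1]: Failed password for root from 10.0.0.5 port 4005"),  # long after: reported again
]

# watchfor expressions: (name, regex). The throttle key includes the captured source
# address, so repeats from one host are collapsed without hiding a second host.
WATCHFOR = [
    ("failed-login", re.compile(r"Failed password for (?P<user>\S+) from (?P<src>\S+)")),
]

@dataclass
class Throttle:
    window: float                                      # throttle period in seconds
    _window_start: dict = field(default_factory=dict)  # key -> time the current window opened
    _suppressed: dict = field(default_factory=dict)    # key -> events swallowed in that window

    def admit(self, now: float, key) -> tuple[bool, int]:
        """Return (report_it, suppressed_since_last_report).

        The first event for a key opens a window; repeats inside the window are
        counted, not reported. Once `window` seconds have passed since the window
        opened, the next event IS reported (carrying the suppressed count) and a
        fresh window opens. This post-window event is the case the entry says
        Swatch could drop."""
        start = self._window_start.get(key)
        if start is None or now - start >= self.window:
            self._window_start[key] = now
            return True, self._suppressed.pop(key, 0)
        self._suppressed[key] = self._suppressed.get(key, 0) + 1
        return False, 0

def watch(log, window: float = 60.0):
    """Run the watchfor rules over (time, line) pairs; return the reported alerts
    as (time, rule name, source, events suppressed since the previous report)."""
    throttle = Throttle(window)
    alerts = []
    for ts, line in log:
        for name, rx in WATCHFOR:
            m = rx.search(line)
            if not m:
                continue
            key = (name, m.group("src"))
            report, dropped = throttle.admit(ts, key)
            if report:
                alerts.append((ts, name, m.group("src"), dropped))
    return alerts
```

On the sample above the event at t=61 is reported with a suppressed count of 2, which is the behaviour to test for in any throttle: a suppressed count that is never surfaced, or an event after the window that never appears, means an attacker who paces repeats just past the period is invisible.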
phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username.
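The phpSquidPass entry is an unanchored-regex bug: a lookup for the user to delete matches the name as a substring, so a short name that ends another user's name also matches that user's record. Below is an added example that models the bug and its fix over a constructed NCSA-style user:hash file; it is not phpSquidPass code, and the file format, user names and placeholder hashes are assumptions.

```python
import re

# Constructed user:hash file of the kind a Squid auth helper reads (not from the page);
# the hashes are placeholders, not real digests.
PASSWD = """bob:$apr1$aa$hashofbob
alicebob:$apr1$bb$hashofalicebob
rob:$apr1$cc$hashofrob
bobby:$apr1$dd$hashofbobby
"""

def usernames(data: str) -> list[str]:
    """Usernames currently present in the file, in file order."""
    return [line.split(":", 1)[0] for line in data.splitlines() if line]

def delete_user_unanchored(data: str, name: str) -> str:
    """Vulnerable: 'NAME:' is searched anywhere in the line, so deleting 'bob'
    also removes every user whose name ends in 'bob' (here: alicebob)."""
    rx = re.compile(re.escape(name) + ":")
    return "".join(line + "\n" for line in data.splitlines() if not rx.search(line))

def delete_user_anchored(data: str, name: str) -> str:
    """Fixed: anchor the expression to the start of the line and require the
    field separator immediately after the whole name. re.escape keeps regex
    metacharacters in an attacker-chosen name from widening the match."""
    rx = re.compile(r"^" + re.escape(name) + r":")
    return "".join(line + "\n" for line in data.splitlines() if not rx.search(line))
```

The same check applies to any record lookup done with a regex: the expression must be anchored at both ends of the field (here the line start and the `:` separator), and the name must be escaped. Comparing the parsed field for equality instead of using a regex at all removes both failure modes.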
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
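The Symantec Enterprise Firewall entry is the classic encoding bypass: the URL blocklist is matched against the request as received, so any representation the origin server will decode but the filter does not (percent escapes, %uXXXX, UTF-8 including overlong forms) walks past it. The following added example, not Symantec's code, shows a naive check beside one that canonicalizes first: it unwinds %uXXXX and percent-encoding until the path stops changing, decodes UTF-8 strictly so overlong sequences are rejected rather than interpreted, folds compatibility characters with NFKC, and fails closed if the path cannot be canonicalized. The blocklist, the three-round limit and the NFKC step are assumptions for the demonstration.

```python
import re
import unicodedata
from urllib.parse import unquote_to_bytes

# Constructed blocklist for the demonstration (not the page's or Symantec's).
BLOCKED_PREFIXES = ("/admin", "/cgi-bin/")

_U_ESCAPE = re.compile(r"%u([0-9a-fA-F]{4})")   # IIS-style %uXXXX escape

def is_blocked_naive(path: str) -> bool:
    """The weak check: pattern-match the request path exactly as received."""
    return path.startswith(BLOCKED_PREFIXES)

def canonicalize(path: str, max_rounds: int = 3) -> str:
    """Decode %uXXXX, %XX and UTF-8 until the path stops changing, then apply
    NFKC so fullwidth and other compatibility characters fold to ASCII.
    Raises ValueError on invalid or overlong UTF-8 and on too many layers."""
    cur = path
    for _ in range(max_rounds):
        try:
            # %uXXXX -> ordinary percent-encoded UTF-8 bytes of that code point
            step = _U_ESCAPE.sub(
                lambda m: "".join("%%%02X" % b for b in chr(int(m.group(1), 16)).encode("utf-8")),
                cur)
            decoded = unquote_to_bytes(step).decode("utf-8")   # strict: rejects %C0%AF-style overlongs
        except UnicodeError as e:
            raise ValueError(f"path is not valid UTF-8 after decoding: {e}") from None
        if decoded == cur:
            break
        cur = decoded
    else:
        raise ValueError("too many encoding layers")
    return unicodedata.normalize("NFKC", cur)

def is_blocked_canonical(path: str) -> bool:
    """Hardened check: match only after canonicalization, and treat anything
    that cannot be canonicalized as blocked (fail closed)."""
    try:
        return canonicalize(path).startswith(BLOCKED_PREFIXES)
    except ValueError:
        return True
```

Two caveats a practitioner should keep in mind: repeated decoding is deliberately aggressive (a literal `%25` in a legitimate path is decoded again), which is the right bias for a deny decision but not for rewriting the request; and the filter's canonical form must agree with what the backend actually decodes, so the same routine should be exercised against the real origin's behaviour rather than assumed.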
The URL pattern matching feature in BEA WebLogic Server 6.x matches illegal patterns ending in "*" as wildcards as if they were the legal "/*" pattern, which could cause WebLogic 7.x to allow remote attackers to bypass intended access restrictions because the illegal patterns are properly rejected.
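The WebLogic entry turns on how url-patterns are validated: a pattern such as "/admin*" is not one of the legal servlet forms (exact path, "/prefix/*", "*.ext", or "/"), and a container that silently accepts it as a wildcard produces a configuration that stops protecting anything once a stricter container rejects it. The added example below, not WebLogic code, classifies patterns strictly, shows the lenient string-prefix behaviour the entry attributes to 6.x beside a strict matcher, and validates a constraint list at startup so an illegal pattern fails loudly instead of being dropped at request time. Pattern forms follow the servlet url-pattern rules; the sample constraints are assumptions.

```python
def classify_pattern(pattern: str) -> str:
    """Classify a servlet-style url-pattern, or raise ValueError if it is not one of
    the legal forms: '/' (default), '/prefix/*' (path prefix), '*.ext' (extension),
    or an exact path. '/admin*' is none of these."""
    if pattern == "/":
        return "default"
    if pattern.startswith("*."):
        if "/" in pattern or "*" in pattern[1:]:
            raise ValueError(f"illegal url-pattern: {pattern!r}")
        return "extension"
    if pattern.endswith("/*") and "*" not in pattern[:-1]:
        return "prefix"
    if pattern.startswith("/") and "*" not in pattern:
        return "exact"
    raise ValueError(f"illegal url-pattern: {pattern!r}")

def is_legal_pattern(pattern: str) -> bool:
    try:
        classify_pattern(pattern)
        return True
    except ValueError:
        return False

def matches(pattern: str, path: str) -> bool:
    """Strict matcher: prefix patterns match on path-segment boundaries only."""
    kind = classify_pattern(pattern)
    if kind == "default":
        return True
    if kind == "extension":
        return path.endswith(pattern[1:])
    if kind == "prefix":
        base = pattern[:-2]
        return path == base or path.startswith(base + "/")
    return path == pattern

def matches_lenient(pattern: str, path: str) -> bool:
    """The behaviour the entry attributes to WebLogic 6.x: a trailing '*' is a plain
    string-prefix wildcard, so '/admin*' quietly covers '/administrator' as well."""
    if pattern.endswith("*") and not pattern.startswith("*."):
        return path.startswith(pattern[:-1])
    return matches(pattern, path)

def load_constraints(patterns: list[str]) -> list[str]:
    """Validate a security-constraint list when it is loaded. An illegal pattern
    raises here; dropping it at request time would leave its resource unprotected."""
    bad = [p for p in patterns if not is_legal_pattern(p)]
    if bad:
        raise ValueError(f"illegal url-patterns in security constraints: {bad}")
    return list(patterns)

def is_protected(constraints: list[str], path: str) -> bool:
    return any(matches(p, path) for p in constraints)
```

The operational check this suggests: after any container upgrade, re-validate every url-pattern in the deployment descriptors with the new container's rules, and test that the paths you believe are protected actually return an authentication challenge.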
Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Joomla!.
Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to perform directory traversal attacks to read arbitrary local files, lock topics, and possibly have other security impacts. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Simple Machines Forum.
e107 0.75 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code via the tinyMCE_imglib_include image/jpeg parameter in e107_handlers/tiny_mce/plugins/ibrowser/ibrowser.php, as demonstrated by a multipart/form-data request. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in e107.
OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL containing an * (asterisk) wildcard, which displays all matching file and directory information.
Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the wbb_userid parameter to the top-level URI. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in wBB Lite.
Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack."
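The Snort entry is an algorithmic-complexity attack on rule evaluation: when a rule has several ordered content predicates and a later one fails, the evaluator backs up and retries the earlier predicates at their next occurrences, so a payload built of many occurrences of the early contents and none of the last drives the number of combinations up polynomially in the payload length. The following is an added, simplified model of that evaluation and of the memoization fix, not Snort's code: the rule (four ordered contents, the last of which never matches), the payload and the step counter are constructed for the demonstration.

```python
# Constructed rule and payloads for the demonstration (not a real Snort rule or capture).
# Four ordered content predicates; "b" never occurs in the attack payload, so every
# combination of the three "a" positions is explored before the rule fails.
RULE_CONTENTS = [b"a", b"a", b"a", b"b"]

def evaluate(payload: bytes, contents, memo=None, idx=0, pos=0, counter=None) -> bool:
    """Evaluate ordered content predicates: contents[idx] must occur at or after
    `pos`, and each later one after the previous match. On failure of a later
    predicate, back up and try the next occurrence of this one (backtracking).
    Each payload.find() is counted as one step in `counter`.

    With memo=None this is the backtracking evaluator the attack targets. With a
    dict, the result for each (predicate, position) state is recorded, so no
    state is evaluated twice."""
    if counter is None:
        counter = {"steps": 0}
    if idx == len(contents):
        return True
    key = (idx, pos)
    if memo is not None and key in memo:
        return memo[key]
    needle = contents[idx]
    start = pos
    result = False
    while True:
        counter["steps"] += 1
        hit = payload.find(needle, start)
        if hit < 0:
            break
        if evaluate(payload, contents, memo, idx + 1, hit + len(needle), counter):
            result = True
            break
        start = hit + 1            # backtrack: try the next occurrence of this content
    if memo is not None:
        memo[key] = result
    return result

def cost(payload: bytes, contents, memoize: bool):
    """Return (matched, steps) for one evaluation of the rule over the payload."""
    counter = {"steps": 0}
    matched = evaluate(payload, contents, {} if memoize else None, counter=counter)
    return matched, counter["steps"]
```

For a payload of ten "a" bytes the backtracking evaluator performs 351 find operations against 119 for the memoized one; at forty bytes the gap is over tenfold and the backtracking cost grows roughly as the cube of the length, which is the shape of the denial of service the entry describes. Memoization bounds the work by the number of (predicate, position) states, which is linear in the payload length per predicate.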
phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures[] parameter to index.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpGraphy.
SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven.
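The Oracle APEX entry is an integrity-check design failure rather than a weakness of MD5 itself: if the client can "calculate a matching MD5 checksum" for a value it has modified, the checksum carries no secret, so it proves nothing about who produced the value. The added example below, not Oracle's code, contrasts that unkeyed checksum with an HMAC under a server-held key and with the stronger option of never accepting SQL from the client at all. The constructed LOV query, the server key and the registry of server-side queries are assumptions for the demonstration.

```python
import hashlib
import hmac
import secrets

# Assumption: a key that exists only on the server (rotated and stored like any other secret).
SERVER_KEY = secrets.token_bytes(32)

# Constructed list-of-values query and a tampered version of it (not from the page).
LEGIT = "select ename d, empno r from emp order by 1"
TAMPERED = LEGIT + " union all select table_name, 0 from all_tables"

def md5_checksum(value: str) -> str:
    """The weak design: an unkeyed digest of the client-supplied value."""
    return hashlib.md5(value.encode()).hexdigest()

def verify_unkeyed(value: str, checksum: str) -> bool:
    return md5_checksum(value) == checksum

def attacker_forge(tampered: str) -> str:
    """An attacker needs nothing secret to produce a checksum the unkeyed check accepts."""
    return md5_checksum(tampered)

def keyed_checksum(value: str, key: bytes = SERVER_KEY) -> str:
    """HMAC over the value under the server key: only the server can produce it."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()

def verify_keyed(value: str, checksum: str, key: bytes = SERVER_KEY) -> bool:
    # constant-time comparison so the verifier does not leak how many bytes matched
    return hmac.compare_digest(keyed_checksum(value, key), checksum)

# The stronger design: the client sends an opaque identifier; the SQL never leaves the server.
LOV_REGISTRY = {"emp_by_name": LEGIT}

def lov_sql_for(lov_id: str) -> str:
    """Resolve a client-supplied identifier to server-owned SQL; unknown ids are rejected."""
    try:
        return LOV_REGISTRY[lov_id]
    except KeyError:
        raise ValueError(f"unknown LOV id: {lov_id!r}") from None
```

Even the HMAC variant still hands the database whatever SQL the server once chose to sign, so it only guarantees the text was not altered in transit; the registry variant removes client-controlled SQL from the request entirely, which is what a practitioner should prefer when the design allows it.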
wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress.
common/safety.php in Aztek Forum 4.00 allows remote attackers to enter certain data containing %22 sequences (URL encoded double quotes) and other potentially dangerous manipulations by sending a cookie, which bypasses the blacklist matching against the GET and PUT superglobal arrays.
Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".
ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file via externe/swfupload/upload.php. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in ELSEIF CMS.
Software vulnerabilities results 1 to 18 of 18