Searching menu software vulnerabilities

Preview version of Timbuktu for Mac OS X allows

Preferences | Timbuktu | without | logging | Preview | version | System | modify | allows | local | users | menu | via | Mac |

Preview version of Timbuktu for Mac OS X allows local users to modify System Preferences without logging in via the About Timbuktu menu.


Kebi WebMail allows remote attackers to access

administrator | privileges | attackers | installed | directory | document | WebMail | remote | allows | hidden | access | under | which | gain | menu | root | Kebi | web | via | /a/ |

Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.


The System Request menu in IBM AS/400 allows lo

accounts | viewing | Request | allows | object | System | USRPRF | AS/400 | valid | local | users | names | type | menu | list | user | IBM |

The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.


CRLF injection vulnerability in fvwm-menu-direc

fvwm-menu-directory | vulnerability | injection | before | fvwm | CRLF | 25x |

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename.


Gigabyte Gn-B46B 2.4Ghz wireless broadband rout

broadband | wireless | firmware | Gigabyte | Gn-B46B | router | 24Ghz |

Gigabyte Gn-B46B 2.4Ghz wireless broadband router firmware 1.003.00 allows local users on the same local network as the router to bypass authentication by using a copy of the router's html menu on a separate system.


Buffer overflow in the process_menu function in

process_menu | yardradius | function | overflow | Buffer |

Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.


The conference menu in ActivePost Standard 3.1

password-protected | information | conference | ActivePost | connection | cleartext | attackers | sensitive | passwords | Standard | sniffing | network | remote | which | rooms | sends | allow | could | menu | gain |

The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection.


Servers Alive 4.1 and 5.0, when running as a se

privileges | service | loading | Servers | running | before | manual | allows | SYSTEM | which | under | users | Alive | local | drop | gain | does | help | menu | not |

Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges.


BPFTPServer service in BulletProof FTP Server 2

BulletProof | BPFTPServer | service | Server | FTP |

BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.


nvstatsmngr.exe process in BakBone NetVault 7.1

nvstatsmngrexe | privileges | properly | NetVault | process | opening | BakBone | before | allows | which | local | users | files | gain | Help | menu | does | drop | not | via |

nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | iPhotoAlbum | inclusion | attackers | arbitrary | Multiple | execute | remote | allow | code | file | via | PHP |

Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/static/header.php.


Directory traversal vulnerability in SaveWebPor

vulnerability | SaveWebPortal | arbitrary | attackers | sequences | Directory | traversal | programs | execute | include | allows | remote | files | local | via | PHP |

Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.


PHP remote file inclusion vulnerability in Save

vulnerability | SaveWebPortal | attackers | inclusion | arbitrary | execute | allows | remote | code | file | via | PHP |

PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.


Unspecified vulnerability in Teamwork 3 before

vulnerability | Unspecified | security | Teamwork | vectors | related | unknown | before | attack | impact | alpha | bug" | menu | has |

Unspecified vulnerability in Teamwork 3 before alpha 1.7 has unknown impact and attack vectors, related to "a menu security bug."


Certain unspecified Kyocera printers have a def

administrative | unspecified | attackers | password | printers | Kyocera | Certain | account | session | default | "admin" | access | telnet | allows | remote | blank | which | have | menu | via |

Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session.


The multiplayer menu in OpenTTD 0.4.7 allows re

multiplayer | OpenTTD | menu |

The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | phpProfiles | inclusion | attackers | parameter | arbitrary | Multiple | execute | earlier | remote | allow | code | menu | 312b | file | PHP | via | URL |

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath parameter to (3) index.inc.php, (4) account.inc.php, (5) admin_newcomm.inc.php, (6) header_admin.inc.php, (7) header.inc.php, (8) friends.inc.php, (9) menu_u.inc.php, (10) notify.inc.php, (11) body.inc.php, (12) body_admin.inc.php, (13) commrecc.inc.php, (14) do_reg.inc.php, (15) comm_post.inc.php, or (16) menu_v.inc.php in include/, different vectors than CVE-2006-5634. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook 5.01, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) bg_color_1, (2) fs_menu, (3) fc_menu, (4) ff_menu, (5) bg_color_2, (6) fs_normal, (7) fc_normal, and (8) ff_normal parameters to welcome_admin.php; and possibly unspecified other parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Directory traversal vulnerability in index.php

vulnerability | attackers | arbitrary | traversal | Directory | indexphp | witshare | include | execute | allows | remote | files | local | via |

Directory traversal vulnerability in index.php in witshare 0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the menu parameter.


The Menu Manager Mod for (1) web-app.net WebAPP

Manager | Menu | Mod |

The Menu Manager Mod for (1) web-app.net WebAPP (aka WebAPP NE) 0.9.9.3.3 through 0.9.9.8, and (2) web-app.org WebAPP before 0.9.9.6, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the titles of items in a personal menu.


Software vulnerabilities results 1 to 20 of 56     
Page: 123