Searching mod frontpage software vulnerabilities

Microsoft FrontPage stores form results in a de

/_private/form_resultstxt | world-readable | information | accessible | attackers | FrontPage | Microsoft | sensitive | submitted | possibly | document | location | results | default | remote | stores | allows | users | which | other | root | read | form |

Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.


Buffer overflow in fpcount.exe in IIS 4.0 with

fpcountexe | Extensions | arbitrary | attackers | FrontPage | overflow | commands | execute | remote | Server | Buffer | allows | IIS |

Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.


Frontpage Server Extensions allows remote attac

Extensions | /_vti_bin/ | determine | anonymous | directory | attackers | Frontpage | shtmldll | virtual | request | account | allows | Server | remote | name | POST | via | RPC |

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.


Frontpage Server Extensions allows remote attac

Extensions | htimageexe | attackers | determine | directory | Frontpage | physical | virtual | request | program | remote | allows | Server | path | CGI | GET | via |

Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.


FrontPage Personal Web Server (PWS) allows remo

FrontPage | Personal | Server | Web |

FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.


Buffer overflows in htimage.exe and Imagemap.ex

vulnerability | "Server-Side | Components" | Imagemapexe | Extensions | htimageexe | activities | otherwise | available | FrontPage | overflows | through | conduct | Server | Buffer | Image | allow | user | site | Map | not | web | aka |

Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.


The shtml.exe program in the FrontPage extensio

extensions | requesting | attackers | generates | determine | FrontPage | physical | shtmlexe | message | program | package | reveals | remote | allows | files | SHTML | which | exist | error | does | path | HTML | file | HTM | IIS | not | ASP |

The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.


The shtml.exe component of Microsoft FrontPage

Microsoft | FrontPage | component | shtmlexe |

The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.


The shtml.exe component of Microsoft FrontPage

Microsoft | FrontPage | component | shtmlexe |

The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.


The default installation of Apache before 1.3.1

installation | default | before | Apache |

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.


Directory traversal vulnerability in phprocketa

phprocketaddin | vulnerability | Solutions | FrontPage | attackers | Directory | traversal | arbitrary | allows | remote | Rocket | Add-in | Total | files | read | via | PHP |

Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.


Microsoft Internet Information Server (IIS) 5.1

Information | Microsoft | Internet | Server |

Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. (dot dot) sequences.


Buffer overflow in the debug functionality in f

functionality | fp30regdll | Extensions | Microsoft | FrontPage | overflow | Server | Buffer | debug |

Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.


Unknown vulnerability in the SmartHTML interpre

vulnerability | interpreter | SmartHTML | Unknown |

Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.


The frontpage option in Limbo CMS 1.0.4.2 and 1

frontpage | option | Limbo | CMS |

The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | mambo-phpshop | inclusion | Multiple | Scroller | modules | Product | Module | remote | other | file | PHP |

Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) mod_phpshop.php, (2) mod_phpshop_allinone.php, (3) mod_phpshop_cart.php, (4) mod_phpshop_featureprod.php, (5) mod_phpshop_latestprod.php, (6) mod_product_categories.php, (7) mod_productscroller.php, and (8) mosproductsnap.php.


Multiple SQL injection vulnerabilities in mod.p

vulnerabilities | eNdonesia | attackers | arbitrary | injection | commands | Multiple | execute | modphp | remote | allow | via | SQL |

Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 allow remote attackers to execute arbitrary SQL commands via (1) the did parameter in a (a) viewdisk operation (diskusi mod), or the (2) cid parameter in a (b) viewlink (katalog mod) or (b) viewcat (diskusi mod) operation.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | config[pathMod] | inclusion | attackers | arbitrary | parameter | Multiple | indexphp | execute | earlier | remote | PMECMS | allow | file | code | PHP | via | URL |

Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[pathMod] parameter to index.php in (1) mod/image/, (2) mod/liens/, (3) mod/liste/, (4) mod/special/, or (5) mod/texte/.


The CERN Image Map Dispatcher (htimage.exe) in

Dispatcher | Image | CERN | Map |

The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.


lighttpd 1.4.15, when run on 32 bit platforms,

lighttpd |

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.


Software vulnerabilities results 1 to 20 of 218     
Page: 12345...11