Searching mod sqlpw software vulnerabilities

Vulnerability in Apache httpd before 1.3.11, wh

Vulnerability | before | Apache | httpd |

Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.


mod_sqlpw module in ProFTPD does not reset a ca

authenticated | privileges | mod_sqlpw | attackers | accounts | password | ProFTPD | command | change | allows | "user" | cached | module | users | other | reset | which | user | uses | does | gain | not |

mod_sqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users.


The default installation of Apache before 1.3.1

installation | default | before | Apache |

The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.


The PostgreSQL authentication modules (1) mod_a

authentication | PostgreSQL | modules |

The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.


Buffer overflow in mod_bf 0.2 allows local user

arbitrary | commands | overflow | execute | script | Buffer | mod_bf | allows | local | users | long | via |

Buffer overflow in mod_bf 0.2 allows local users execute arbitrary commands via a long script.


Buffer overflows in fpexec in mod_frontpage bef

mod_frontpage | overflows | before | Buffer | fpexec |

Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.


Multiple stack-based buffer overflows in (1) mo

stack-based | overflows | Multiple | buffer |

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.


Stack-based buffer overflow in mod_gzip_printf

mod_gzip_printf | Stack-based | attackers | arbitrary | filename | official | versions | possibly | mod_gzip | overflow | execute | running | earlier | request | 13261a | buffer | allows | remote | debug | later | long | mode | code | via | GET |

Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.


mod_digest for Apache before 1.3.31 does not pr

mod_digest | before | Apache |

mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.


Attachment Mod 2.3.10 module for phpBB, when us

Attachment | Mod |

Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.


The publisher handler for mod_python 2.7.8 and

mod_python | publisher | handler |

The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.


Unknown vulnerability in Attachment Mod before

vulnerability | Attachment | Unknown | before | Mod |

Unknown vulnerability in Attachment Mod before 2.3.13, related to a "serious issue with realnames," has unknown impact and attack vectors.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | componentphp | inclusion | Multiple | iManage | remote | file | CMS | PHP |

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) articles.php, (2) contact.php, (3) displaypage.php, (4) faq.php, (5) mainbody.php, (6) news.php, (7) registration.php, (8) whosOnline.php, (9) components/com_calendar.php, (10) components/com_forum.php, (11) components/minibb/index.php, (12) components/minibb/bb_admin.php, (13) components/minibb/bb_plugins.php, (14) modules/mod_calendar.php, (15) modules/mod_browser_prefs.php, (16) modules/mod_counter.php, (17) modules/mod_online.php, (18) modules/mod_stats.php, (19) modules/mod_weather.php, (20) themes/bizz.php, (21) themes/default.php, (22) themes/simple.php, (23) themes/original.php, (24) themes/portal.php, (25) themes/purple.php, and other unspecified files.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | mambo-phpshop | inclusion | Multiple | Scroller | modules | Product | Module | remote | other | file | PHP |

Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) mod_phpshop.php, (2) mod_phpshop_allinone.php, (3) mod_phpshop_cart.php, (4) mod_phpshop_featureprod.php, (5) mod_phpshop_latestprod.php, (6) mod_product_categories.php, (7) mod_productscroller.php, and (8) mosproductsnap.php.


Multiple SQL injection vulnerabilities in mod.p

vulnerabilities | eNdonesia | attackers | arbitrary | injection | commands | Multiple | execute | modphp | remote | allow | via | SQL |

Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 allow remote attackers to execute arbitrary SQL commands via (1) the did parameter in a (a) viewdisk operation (diskusi mod), or the (2) cid parameter in a (b) viewlink (katalog mod) or (b) viewcat (diskusi mod) operation.


PHP remote file inclusion vulnerability in incl

includes/functions_mod_userphp | vulnerability | inclusion | Import | remote | phpBB | Tools | file | Mod | PHP |

PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.


Unspecified vulnerability in the mod_roster_odb

mod_roster_odbc | vulnerability | Unspecified | ejabberd | before | module |

Unspecified vulnerability in the mod_roster_odbc module in ejabberd before 1.1.3 has unknown impact and attack vectors.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | config[pathMod] | inclusion | attackers | arbitrary | parameter | Multiple | indexphp | execute | earlier | remote | PMECMS | allow | file | code | PHP | via | URL |

Multiple PHP remote file inclusion vulnerabilities in PMECMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[pathMod] parameter to index.php in (1) mod/image/, (2) mod/liens/, (3) mod/liste/, (4) mod/special/, or (5) mod/texte/.


Cross-site scripting (XSS) vulnerability in mod

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in mod_lettermansubscribe.php in the Letterman Subscriber (mod_letterman) before 1.2.5 module for Joomla! allows remote attackers to inject arbitrary web script or HTML via the Itemid parameter.


lighttpd 1.4.15, when run on 32 bit platforms,

lighttpd |

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.


Software vulnerabilities results 1 to 20 of 200     
Page: 12345...11