Searching modules software vulnerabilities

The installation of 1ArcServe Backup and Inocul

exchverifylog | installation | passwords | usernames | plaintext | 1ArcServe | contains | Inoculan | Exchange | modules | create | client | Backup | which | file | log |

The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.


GTK+ library allows local users to specify arbi

environmental | setuid/setgid | GTK_MODULES | privileges | arbitrary | variable | program | library | specify | modules | allows | allow | local | could | users | which | GTK+ | used | gain | via |

GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program.


Unknown vulnerability in login for AIX 5.1L, wh

authentication | vulnerability | attackers | loadable | Unknown | modules | remote | access | system | allows | login | using | gain | AIX | 51L |

Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.


SQL injection vulnerabilities in the (1) Postgr

vulnerabilities | injection | SQL |

SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.


Multiple SQL injection vulnerabilities in the (

vulnerabilities | injection | Multiple | SQL |

Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | Multiple | Docebo | remote | file | LMS | PHP |

Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) modules/credits/business.php, (2) modules/credits/credits.php, or (3) modules/credits/help.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | Content*Builder | inclusion | Multiple | remote | file | PHP |

Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll.inc.php, (c) cms/plugins/user_managment/usrPortrait.inc.php, (d) cms/plugins/user_managment/user.inc.php, (e) cms/plugins/media_manager/media.inc.php, (f) cms/plugins/events/permanent.eventMonth.inc.php, (g) cms/plugins/events/events.inc.php, and (h) cms/plugins/newsletter2/newsletter.inc.php; (2) path[cb] paramter to (i) modules/guestbook/guestbook.inc.php, (j) modules/shoutbox/shoutBox.php, and (k) modules/sitemap/sitemap.inc.php; and the (3) rel parameter to (l) modules/download/overview.inc.php, (m) modules/download/detailView.inc.php, (n) modules/article/fullarticle.inc.php, (o) modules/article/comments.inc.php, (p) modules/article2/overview.inc.php, (q) modules/article2/fullarticle.inc.php, (r) modules/article2/comments.inc.php, (s) modules/headline/headlineBox.php, and (t) modules/headline/showHeadline.inc.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | componentphp | inclusion | Multiple | iManage | remote | file | CMS | PHP |

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) articles.php, (2) contact.php, (3) displaypage.php, (4) faq.php, (5) mainbody.php, (6) news.php, (7) registration.php, (8) whosOnline.php, (9) components/com_calendar.php, (10) components/com_forum.php, (11) components/minibb/index.php, (12) components/minibb/bb_admin.php, (13) components/minibb/bb_plugins.php, (14) modules/mod_calendar.php, (15) modules/mod_browser_prefs.php, (16) modules/mod_counter.php, (17) modules/mod_online.php, (18) modules/mod_stats.php, (19) modules/mod_weather.php, (20) themes/bizz.php, (21) themes/default.php, (22) themes/simple.php, (23) themes/original.php, (24) themes/portal.php, (25) themes/purple.php, and other unspecified files.


Multiple SQL injection vulnerabilities in CubeC

vulnerabilities | injection | CubeCart | Multiple | SQL |

Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirmed.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | attackers | arbitrary | parameter | Multiple | execute | calpath | earlier | Vtiger | remote | allow | code | file | CRM | PHP | via | URL |

Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the calpath parameter to (1) modules/Calendar/admin/update.php, (2) modules/Calendar/admin/scheme.php, or (3) modules/Calendar/calendar.php.


PHP remote file inclusion vulnerability in modu

modules/mail/mainphp | vulnerability | MODULES_DIR | vHostAdmin | attackers | parameter | arbitrary | inclusion | execute | remote | Inter7 | allows | code | file | PHP | via | URL |

PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULES_DIR parameter.


Comodo Firewall Pro (formerly Comodo Personal F

Firewall | Comodo | Pro |

Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.


SQL injection vulnerability in the getArticle f

class/wfsarticlephp | vulnerability | WF-Section | getArticle | injection | function | SQL |

SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and earlier, and possibly other modules, allows remote attackers to execute arbitrary SQL commands via the articleid parameter to print.php.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in Open-gorotto 2.0a 2006/02/08 edition, 2006/03/19 edition, and 2006/04/07 edition before Monday, April 16, 2007 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) pub/modules/d/_top.html; (2) /pub/modules/a/_access.html; (3) _circletop.html or (4) _cir66.html in pub/modules/ci/; or (5) _fri66.html, (6) _inv66.html, (7) _top.html, (8) _friends.html, or (9) _fri33.html in pub/modules/f/.


PHP remote file inclusion vulnerability in the

mosConfig_absolute_path | mod_as_categoryphp | vulnerability | attackers | arbitrary | AutoStand | inclusion | parameter | execute | earlier | module | remote | allows | Joomla | file | code | PHP | via | URL |

PHP remote file inclusion vulnerability in the AutoStand 1.1 and earlier module for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to mod_as_category.php in (1) modules/mod_as_category/ or (2) modules/.


Multiple SQL injection vulnerabilities in modul

modules/admin/modules/galleryphp | vulnerabilities | parameters | parameter | attackers | arbitrary | injection | possibly | Multiple | commands | execute | PHPEcho | earlier | 20-rc1 | remote | other | allow | SQL | CMS | via |

Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party information.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | Multiple | remote | Musoo | file | PHP |

Multiple PHP remote file inclusion vulnerabilities in Musoo 0.21 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[ini_array][EXTLIB_PATH] parameter to (1) msDb.php, (2) modules/MusooTemplateLite.php, or (3) modules/SoundImporter.php.


Multiple SQL injection vulnerabilities in modul

vulnerabilities | modulephp | injection | Multiple | LANAI | SQL |

Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the gid parameter in a view action in the GALLERY Modules.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in Olate Download (od) 3.4.2 allow remote attackers to inject arbitrary web script or HTML via (1) the PHP_SELF variable in modules/core/uim.php and (2) [url] tags in a comment in modules/core/fldm.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | staticpath | Focus/SIS | attackers | arbitrary | parameter | inclusion | Multiple | execute | remote | allow | file | code | PHP | via | URL |

Multiple PHP remote file inclusion vulnerabilities in Focus/SIS 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the staticpath parameter to (1) modules/Discipline/CategoryBreakdownTime.php or (2) modules/Discipline/StudentFieldBreakdown.php.


Software vulnerabilities results 1 to 20 of 178     
Page: 12345...9