Searching obtained software vulnerabilities

Buffer overflow in oops WWW proxy server 1.4.6

overflow | server | Buffer | proxy | oops |

Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup.


Buffer overflow in the spa_base64_to_bits funct

spa_base64_to_bits | function | overflow | before | Buffer | Exim |

Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.


SQL injection vulnerability in index.php in Net

vulnerability | attackers | arbitrary | injection | parameter | indexphp | commands | execute | Netref | allows | remote | SQL | cat | via |

SQL injection vulnerability in index.php in Netref 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources.


SQL injection vulnerability in UStore allows re

vulnerability | arbitrary | attackers | injection | commands | execute | UStore | allows | remote | via | SQL |

SQL injection vulnerability in UStore allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


SQL injection vulnerability in index.asp in pTo

vulnerability | attackers | arbitrary | injection | parameter | indexasp | commands | execute | pTools | allows | remote | docID | SQL | via |

SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Buffer overflow in Golden FTP Server 1.92 allow

overflow | Server | Golden | Buffer | FTP |

Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Multiple SQL injection vulnerabilities in Coper

vulnerabilities | Copernicus | attackers | arbitrary | injection | commands | Multiple | execute | vectors | unknown | Europa | remote | allow | SQL | via |

Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Powersave daemon before 0.10.15.2 allows local

Powersave | before | daemon |

Powersave daemon before 0.10.15.2 allows local users to gain privileges (unauthorized access to an X session) via unspecified vectors. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.


frameset.php in V-webmail 1.6.2 allows remote a

framesetphp | V-webmail |

frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


help.php in V-webmail 1.6.2 allows remote attac

V-webmail | helpphp |

help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


LetterMerger 1.2 stores user information in Acc

LetterMerger | information | permissions | sensitive | insecure | database | allows | obtain | stores | Access | users | files | which | local | user |

LetterMerger 1.2 stores user information in Access database files with insecure permissions, which allows local users to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Unspecified vulnerability in BorderWare MXtreme

vulnerability | Unspecified | BorderWare | attackers | unknown | vectors | MXtreme | attack | allows | impact | remote | have | via |

Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows remote attackers to have an unknown impact via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


SQL injection vulnerability in PHP Script Index

vulnerability | attackers | arbitrary | parameter | injection | commands | execute | search | Script | allows | remote | Index | SQL | PHP | via |

SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


SQL injection vulnerability in login.php in Int

vulnerability | injection | loginphp | Interact | SQL |

SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitrary SQL commands via the user_name parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party.


login.php in Interact 2.1.1 generates different

Interact | loginphp |

login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


PhpWebGallery before 1.6.0RC1 allows remote att

PhpWebGallery | picturephp | specifying | arbitrary | parameter | attackers | pictures | request | without | obtain | 160RC1 | before | remote | allows | via | cat |

PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain arbitrary pictures via a request to picture.php without specifying the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.


SQL injection vulnerability in detail.asp in DU

vulnerability | DUclassified | attackers | arbitrary | parameter | injection | detailasp | commands | execute | allows | remote | iPro | SQL | via |

SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the iPro parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


SQL injection vulnerability in all_calendars.as

all_calendarsasp | MultiCalendars | vulnerability | arbitrary | attackers | injection | parameter | commands | execute | calsids | allows | remote | SQL | via |

SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.


SQL injection vulnerability in search_result.as

search_resultasp | EDirectoryPro | vulnerability | arbitrary | attackers | injection | parameter | commands | execute | earlier | keyword | allows | remote | SQL | via |

SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.


SQL injection vulnerability in Destiney Links S

vulnerability | injection | Destiney | Script | Links | SQL |

SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Software vulnerabilities results 1 to 20 of 768     
Page: 12345...39