Searching online bookmarks software vulnerabilities


DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.


Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords.


Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code.


add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter.


Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.


YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies.


Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors.


booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs.


SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password.


Directory traversal vulnerability in My Album Online 1.0 allows remote attackers to access arbitrary files via ".../" (triple dot) sequences in unspecified vectors.


Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen Online Shop allows remote attackers to inject arbitrary web script or HTML via the cat parameter.


** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in L. Brandon Stone and Nathanial P. Hendler Active PHP Bookmarks (APB) 1.1.02 allow remote attackers to execute arbitrary PHP code via a URL in the APB_SETTINGS['apb_path'] parameter in (1) apb_common.php or (2) apb.php. NOTE: CVE and another third party dispute this vulnerability because these PHP scripts exit if the attack vectors are present in GPC variables.


SQL injection vulnerability in the login function in auth.inc in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to execute arbitrary SQL commands via the (1) username and possibly the (2) password parameter. NOTE: some of these details are obtained from third party information.


Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.


PHP remote file inclusion vulnerability in smarty_config.php in Socketwiz Bookmarks 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the root_dir parameter.


The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plaintext to the /Library/Logs/Console/UID/Console.log file, which allows local users to obtain sensitive information by reading this file.


Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08.


SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event Registration Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter.


SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter.


Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the game server, which allows malicious game servers to steal account information.


Software vulnerabilities results 1 to 20 of 88     