online software vulnerabilities
vulnerabilities.aspcode.net
Searching online software vulnerabilities
Buffer overflow in www.tol module in America On
overflow
|
America
|
Online
|
module
|
Buffer
|
wwwtol
|
Buffer overflow in www.tol module in America Online (AOL) 5.0 may allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL in a link.
Cross-site scripting (XSS) vulnerability in CGI
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows remote attackers to execute arbitrary script as other users by injecting script into (1) diagnose.cgi or (2) compatible.cgi.
Cross-site scripting (XSS) vulnerability in use
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Cross-site scripting (XSS) vulnerability in Tee
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie.
TeeKai Tracking Online 1.0 uses weak encryption
data/userlog/logtxt
|
encryption
|
statistics
|
attackers
|
dividing
|
Tracking
|
identify
|
visiting
|
remote
|
allows
|
Online
|
TeeKai
|
usage
|
which
|
octet
|
'20'
|
hash
|
each
|
uses
|
weak
|
site
|
IP's
|
web
|
MD5
|
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'.
Cross-site scripting (XSS) vulnerability in mor
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.
YaST Online Update (YOU) in SuSE 8.2 and 9.0 al
Update
|
Online
|
YaST
|
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies.
Online-bookmarks before 0.4.6 allows remote att
Online-bookmarks
|
before
|
Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php.
Multiple unknown vulnerabilities in Online Recr
vulnerabilities
|
Recruitment
|
Multiple
|
unknown
|
vectors
|
impact
|
attack
|
Online
|
Agency
|
have
|
Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors.
GameSpy SDK CD-Key Validation Toolkit, as used
Validation
|
attackers
|
command
|
sending
|
spoofed
|
GameSpy
|
Toolkit
|
bypass
|
longer
|
server
|
\disc\
|
CD-Key
|
online
|
remote
|
allows
|
which
|
tells
|
games
|
many
|
used
|
use
|
key
|
SDK
|
GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed \disc\ command, which tells the server the CD key is no longer in use.
SQL injection vulnerability in login.asp in an
vulnerability
|
Solutions
|
Educators
|
injection
|
loginasp
|
product
|
unknown
|
Online
|
SQL
|
SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password.
The iTAN Online-Banking Security System allows
man-in-the-middle
|
Online-Banking
|
attackers
|
Security
|
numbers
|
obtain
|
System
|
allows
|
remote
|
iTAN
|
via
|
TAN
|
The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attack.
Cross-site scripting (XSS) vulnerability in sea
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q parameter.
Cross-site scripting (XSS) vulnerability in sea
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter.
Directory traversal vulnerability in My Album O
vulnerability
|
arbitrary
|
attackers
|
traversal
|
Directory
|
access
|
remote
|
Online
|
allows
|
files
|
Album
|
"/"
|
via
|
Directory traversal vulnerability in My Album Online 1.0 allows remote attackers to access arbitrary files via ".../" (triple dot) sequences in unspecified vectors.
Cross-site scripting (XSS) vulnerability in art
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in article.htm in Zwahlen Online Shop allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
Unspecified vulnerability in the Sales Online c
vulnerability
|
Unspecified
|
E-Business
|
component
|
Oracle
|
Online
|
Suite
|
Sales
|
Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08.
SQL injection vulnerability in sign_in.aspx in
vulnerability
|
sign_inaspx
|
WebEvents
|
injection
|
SQL
|
SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event Registration Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter.
SQL injection vulnerability in sign_in.aspx in
vulnerability
|
sign_inaspx
|
injection
|
WebStore
|
SQL
|
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter.
Battlefront Dropteam 1.3.3 and earlier sends th
Battlefront
|
Dropteam
|
Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the game server, which allows malicious game servers to steal account information.
Software vulnerabilities results 1 to 20 of 81
Page:
1
2
3
4
5
►