page software vulnerabilities
vulnerabilities.aspcode.net
Searching page software vulnerabilities
A Windows NT system does not clear the system p
information
|
sensitive
|
shutdown
|
recorded
|
Windows
|
during
|
system
|
might
|
allow
|
which
|
clear
|
does
|
file
|
page
|
not
|
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
Manual page reader (man) in FreeBSD 2.2 and ear
reader
|
Manual
|
page
|
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.
IIS allows local users to cause a denial of ser
expressions
|
service
|
invalid
|
regular
|
allows
|
Visual
|
script
|
denial
|
Basic
|
cause
|
users
|
local
|
page
|
ASP
|
IIS
|
via
|
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
xman allows local users to gain privileges by m
metacharacters
|
privileges
|
modifying
|
contains
|
filename
|
MANPATH
|
allows
|
whose
|
local
|
shell
|
users
|
point
|
xman
|
gain
|
page
|
man
|
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters.
Citrix NFuse 1.6 may allow remote attackers to
authentication
|
applications
|
applistasp
|
attackers
|
accessing
|
without
|
Citrix
|
remote
|
NFuse
|
allow
|
page
|
list
|
may
|
Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page.
Cross-site scripting vulnerability in the authe
authentication
|
vulnerability
|
Cross-site
|
scripting
|
page
|
Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies.
The Java Server Pages (JSP) engine in Tomcat al
Server
|
Pages
|
Java
|
The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).
The Java Server Pages (JSP) engine in JRun allo
Server
|
Pages
|
Java
|
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).
The sendmail.jsp sample page in Oracle 9i Appli
Application
|
sendmailjsp
|
Oracle
|
sample
|
Server
|
page
|
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails.
bonsai Mozilla CVS query tool allows remote att
authentication
|
parameters
|
attackers
|
Mozilla
|
without
|
access
|
remote
|
bonsai
|
allows
|
query
|
gain
|
page
|
tool
|
CVS
|
bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.
SQL injection vulnerability in Infinity WEB 1.0
authentication
|
vulnerability
|
privileges
|
attackers
|
injection
|
Infinity
|
bypass
|
allows
|
remote
|
login
|
gain
|
page
|
via
|
WEB
|
SQL
|
SQL injection vulnerability in Infinity WEB 1.0 allows remote attackers to bypass authentication and gain privileges via the login page.
Unknown vulnerability in DansGuardian before 2.
vulnerability
|
DansGuardian
|
attackers
|
crafted
|
filters
|
Unknown
|
request
|
causes
|
bypass
|
allows
|
261-13
|
before
|
remote
|
added
|
cache
|
clean
|
page
|
URL
|
via
|
Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache.
Unspecified vulnerability in Hitachi Web Page G
vulnerability
|
Unspecified
|
Enterprise
|
Generator
|
Hitachi
|
Page
|
Web
|
Unspecified vulnerability in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier allows remote attackers to cause a denial of service via unknown attack vectors when a web site is "improperly accessed."
Firefox before 1.0.2 allows remote attackers to
Firefox
|
before
|
Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
SQL injection vulnerability in phpCoin 1.2.1b a
vulnerability
|
attackers
|
arbitrary
|
injection
|
commands
|
execute
|
phpCoin
|
earlier
|
allows
|
remote
|
121b
|
via
|
SQL
|
SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.
Linux 2.6.11 on 64-bit x86 (x86_64) platforms d
Linux
|
Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.
Safari in Mac OS X 10.3.9 and 10.4.2 submits fo
Safari
|
Mac
|
Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.
The FWDRV driver in Kerio Personal Firewall 4.2
Firewall
|
Personal
|
Server
|
driver
|
FWDRV
|
Kerio
|
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
Partial Links 1.2.2 allows remote attackers to
Partial
|
Links
|
Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php and (2) page_header.php, which displays the path in an error message.
Race condition in Microsoft Internet Explorer 6
vulnerability"
|
locationhref
|
demonstrated
|
permissions
|
setInterval
|
transition
|
expression
|
try/catch
|
Microsoft
|
functions
|
attackers
|
condition
|
arbitrary
|
Explorer
|
Internet
|
content
|
actions
|
perform
|
execute
|
within
|
allows
|
remote
|
switch
|
"bait
|
other
|
code
|
page
|
Race
|
upon
|
aka
|
old
|
new
|
set
|
Race condition in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability."
Software vulnerabilities results 1 to 20 of 654
Page:
1
2
3
4
5
...
33
►