parameters software vulnerabilities
vulnerabilities.aspcode.net
Searching parameters software vulnerabilities
FormMail.pl in FormMail 1.6 and earlier allows
FormMailpl
|
anonymous
|
attacker
|
FormMail
|
earlier
|
allows
|
remote
|
email
|
send
|
FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters.
PGPMail.pl 1.31 allows remote attackers to exec
PGPMailpl
|
PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters.
FileSeek.cgi allows remote attackers to execute
metacharacters
|
FileSeekcgi
|
attackers
|
arbitrary
|
commands
|
execute
|
allows
|
remote
|
shell
|
via
|
FileSeek.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) head or (2) foot parameters.
bonsai Mozilla CVS query tool allows remote att
authentication
|
parameters
|
attackers
|
Mozilla
|
without
|
access
|
remote
|
bonsai
|
allows
|
query
|
gain
|
page
|
tool
|
CVS
|
bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.
WebCalendar allows remote attackers to gain pri
WebCalendar
|
privileges
|
parameters
|
modifying
|
attackers
|
critical
|
allows
|
remote
|
gain
|
WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_entry.php or (2) upcoming.php.
McFreeScan.CoMcFreeScan.1 ActiveX object in Mca
GetSpecialFolderLocation
|
McFreeScanCoMcFreeScan1
|
information
|
parameters
|
attackers
|
sensitive
|
function
|
FreeScan
|
ActiveX
|
certain
|
object
|
allows
|
remote
|
obtain
|
Mcafee
|
via
|
McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters.
awstats.pl in AWStats 6.3 and 6.4 allows remote
parameters
|
pluginmode
|
loadplugin
|
awstatspl
|
attackers
|
setting
|
AWStats
|
rawlog
|
remote
|
allows
|
server
|
logs
|
read
|
web
|
awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
Multiple SQL injection vulnerabilities in DCP-P
vulnerabilities
|
DCP-Portal
|
injection
|
Multiple
|
SQL
|
Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php.
delpm.php in PBLang 4.63 allows remote authenti
delpmphp
|
PBLang
|
delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters.
phpcart.php in PHPCart 3.2 allows remote attack
information
|
phpcartphp
|
attackers
|
modifying
|
product
|
PHPCart
|
allows
|
remote
|
change
|
price
|
phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying the (1) price or (2) postage parameters.
Cookie Cart allows remote attackers to read the
Notification
|
parameters
|
attackers
|
testmycgi
|
Cookie
|
allows
|
remote
|
Order
|
read
|
path
|
list
|
Cart
|
via
|
Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to testmy.cgi.
read.cgi in GlobalNoteScript allows remote atta
GlobalNoteScript
|
metacharacters
|
parameters
|
arbitrary
|
attackers
|
commands
|
readcgi
|
execute
|
allows
|
remote
|
shell
|
file
|
via
|
read.cgi in GlobalNoteScript allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameters.
Directory traversal vulnerability in GNU Gnump3
vulnerability
|
Directory
|
traversal
|
Gnump3d
|
before
|
GNU
|
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".
SQL injection vulnerability in SMBCMS 2.1 allow
vulnerability
|
unspecified
|
parameters
|
attackers
|
arbitrary
|
injection
|
commands
|
execute
|
remote
|
search
|
SMBCMS
|
allows
|
SQL
|
via
|
SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to execute arbitrary SQL commands via unspecified search parameters.
SQL injection vulnerability in Benders Calendar
vulnerability
|
demonstrated
|
parameters
|
attackers
|
arbitrary
|
injection
|
commands
|
Calendar
|
multiple
|
Benders
|
execute
|
allows
|
remote
|
SQL
|
via
|
SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by the (1) year, (2) month, and (3) day parameters.
readfolder.php in imageVue 16.1 allows remote a
readfolderphp
|
imageVue
|
readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
SQL injection vulnerability in Chirpy! 0.1 allo
vulnerability
|
unspecified
|
parameters
|
attackers
|
arbitrary
|
injection
|
commands
|
execute
|
Chirpy
|
remote
|
allows
|
SQL
|
via
|
SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
SQL injection vulnerability in CS-Forum before
vulnerability
|
injection
|
CS-Forum
|
before
|
SQL
|
SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php.
Speedywiki 2.0 allows remote attackers to obtai
Speedywiki
|
attackers
|
obtain
|
server
|
allows
|
remote
|
path
|
full
|
via
|
web
|
Speedywiki 2.0 allows remote attackers to obtain the full path of the web server via the (1) showRevisions[] and (2) searchText[] parameters in (a) index.php, and (b) a direct request to upload.php without any parameters.
sitex allows remote attackers to obtain potenti
potentially
|
information
|
attackers
|
sensitive
|
obtain
|
allows
|
remote
|
sitex
|
via
|
sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for certain parameters, as demonstrated by parameters used in forum and search, which forces a SQL error.
Software vulnerabilities results 1 to 20 of 1091
Page:
1
2
3
4
5
...
55
►