Searching post software vulnerabilities

Frontpage Server Extensions allows remote attac

Extensions | /_vti_bin/ | determine | anonymous | directory | attackers | Frontpage | shtmldll | virtual | request | account | allows | Server | remote | name | POST | via | RPC |

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.


The web server for the SonicWALL SOHO firewall

SonicWALL | attackers | firewall | service | request | denial | remote | server | allows | empty | cause | POST | SOHO | GET | via | web |

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.


The Web interface for Infinite Interchange 3.6.

Interchange | interface | Infinite | Web |

The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request.


Vulnerability in (1) Book of guests and (2) Pos

Vulnerability |

Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.


Bugzilla before 2.14.1 allows remote attackers

Bugzilla | before |

Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi.


The web server for D-Link DP-300 print server a

attackers | service | allows | remote | denial | D-Link | server | DP-300 | print | cause | web |

The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request.


The Post_Method function in method.c for Monkey

Post_Method | function | methodc | Daemon | before | Monkey | HTTP |

The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to cause a denial of service (crash) via a POST request with an invalid or missing Content-Length header value.


CGIForum 1.0 through 1.05 allows remote attacke

CGIForum | through |

CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) by creating a message board post that is a child of an outdated parent.


Pan 0.13.3 and earlier allows remote attackers

Pan |

Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.


Monit 1.4 to 4.1 allows remote attackers to cau

attackers | service | denial | allows | remote | Monit | cause |

Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.


The Post_Method function in Monkey HTTP Daemon

Post_Method | function | Daemon | before | Monkey | HTTP |

The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header.


Safari in Mac OS X before 10.3.5, after sending

before | Safari | Mac |

Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.


PHP-Post allows remote attackers to spoof the n

hex-encoded | registering | characters | containing | attackers | username | PHP-Post | remote | allows | names | spoof | users | other |

PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters.


PwsPHP 1.2.2 allows remote attackers to bypass

PwsPHP |

PwsPHP 1.2.2 allows remote attackers to bypass authentication and post arbitrary comments via the Pseudo cookie.


forum_post.php in e107 0.6 allows remote attack

forum_postphp | non-existent | attackers | modifying | forums | number | allows | remote | forum | e107 | post |

forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the subject in a post, or the user parameter to (2) profile.php and (3) mail.php.


Invision Power Board (IPB) before 2.1.6 allows

Invision | Board | Power |

Invision Power Board (IPB) before 2.1.6 allows remote attackers to execute arbitrary PHP script via attack vectors involving (1) the post_icon variable in classes/post/class_post.php and (2) the df value in action_public/moderate.php.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | Revolution | inclusion | parameter | arbitrary | attackers | Multiple | execute | remote | allow | code | Post | file | URL | dir | PHP | RC2 | via |

Multiple PHP remote file inclusion vulnerabilities in Post Revolution 6.6 and 7.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) common.php or (2) themes/default/preview_post_completo.php.


Polipo before 1.0.2 allows remote HTTP servers

before | Polipo |

Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request.


ELinks before 0.11.3, when sending a POST reque

before | ELinks |

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy is defined for https.


Software vulnerabilities results 1 to 20 of 238     
Page: 12345...12