power software vulnerabilities
vulnerabilities.aspcode.net
Searching power software vulnerabilities
In Windows NT, an inappropriate user is a membe
inappropriate
|
Administrator
|
Replicators
|
Operators
|
Windows
|
System
|
Admins
|
Guests
|
Domain
|
member
|
Backup
|
Print
|
Users
|
group
|
Power
|
user
|
etc
|
In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.
Directory traversal vulnerability in r.pl (aka
vulnerability
|
traversal
|
Directory
|
rpl
|
Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter.
American Power Conversion (APC) Web/SNMP Manage
Conversion
|
American
|
Power
|
American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are shipped with a default password of TENmanUFactOryPOWER, which allows remote attackers to gain unauthorized access.
Invision Power Board 1.3 Final allows remote at
installation
|
information
|
sensitive
|
attackers
|
"Personal
|
selecting
|
displays
|
Invision
|
message
|
Photo"
|
allows
|
remote
|
image
|
which
|
error
|
Power
|
Final
|
Board
|
file
|
path
|
gain
|
not
|
Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.
Cross-site scripting (XSS) vulnerability in icq
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in icq.cgi in Board Power 2.04PF allows remote attackers to inject arbitrary web script or HTML via the action parameter.
Web Forums Server 1.6 and 2.0 Power Pack stores
Usernameini
|
privileges
|
passwords
|
plaintext
|
Server
|
Forums
|
allows
|
stores
|
which
|
local
|
Power
|
users
|
gain
|
Pack
|
file
|
Web
|
Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges.
SQL injection vulnerability in post.php in Invi
vulnerability
|
injection
|
Invision
|
postphp
|
Board
|
Power
|
SQL
|
SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows remote attackers to execute arbitrary SQL commands via the qpid parameter.
SQL injection vulnerability in index.php in the
vulnerability
|
ibProArcade
|
injection
|
Invision
|
indexphp
|
module
|
Board
|
Power
|
SQL
|
SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
Cross-site scripting (XSS) vulnerability in ind
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header.
SQL injection vulnerability in calendar.php for
$this->chosen_month
|
vulnerability
|
calendarphp
|
attackers
|
arbitrary
|
parameter
|
injection
|
Invision
|
commands
|
variable
|
execute
|
allows
|
remote
|
which
|
Board
|
Power
|
sets
|
via
|
SQL
|
SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.
SQL injection vulnerability in index.php in Inv
vulnerability
|
arbitrary
|
parameter
|
injection
|
attackers
|
comments
|
indexphp
|
Invision
|
execute
|
earlier
|
action
|
remote
|
allows
|
Power
|
List
|
Site
|
SQL
|
Top
|
via
|
SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.
Cross-site scripting (XSS) vulnerability in Inv
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php.
Cross-site scripting (XSS) vulnerability in Inv
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request.
SQL injection vulnerability in index.php in Inv
vulnerability
|
injection
|
Invision
|
indexphp
|
Board
|
Power
|
SQL
|
SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.
Cross-site scripting (XSS) vulnerability in (1)
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in (1) search.php and (2) topics.php for Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlite parameter.
SQL injection vulnerability in Invision Power B
vulnerability
|
injection
|
Invision
|
Board
|
Power
|
SQL
|
SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable.
Invision Power Board (IPB) 1.0 through 1.3 allo
Invision
|
Board
|
Power
|
Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters.
Invision Power Board (IPB) 1.0.3 allows remote
Invision
|
Board
|
Power
|
Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML.
index.php in Invision Power Board (IPB) 2.0.1,
Invision
|
indexphp
|
Board
|
Power
|
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.
SQL injection vulnerability in include/get_user
include/get_userdataphp
|
vulnerability
|
injection
|
Phlogger
|
Power
|
SQL
|
SQL injection vulnerability in include/get_userdata.php in Power Phlogger 2.2.5 allows remote attackers to execute arbitrary SQL commands via the username parameter to login.php.
Software vulnerabilities results 1 to 20 of 78
Page:
1
2
3
4
►