Searching pro 1000 software vulnerabilities

WebSite Pro allows remote attackers to determin

webdirectories | attackers | determine | malformed | pathname | WebSite | request | remote | allows | real | Pro | URL | via |

WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request.


Netopia Timbuktu Pro sends user IDs and passwor

passwords | cleartext | attackers | Timbuktu | sniffing | Netopia | allows | obtain | remote | sends | which | them | user | Pro | via | IDs |

Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.


The authentication protocol in Timbuktu Pro 2.0

authentication | connections | attackers | protocol | Timbuktu | service | denial | allows | 20b650 | remote | cause | port | Pro | via |

The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.


FileMaker Pro 5 Web Companion allows remote att

Companion | attackers | anonymous | FileMaker | forged | remote | allows | email | send | Pro | Web |

FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email.


WFTPD and WFTPD Pro 2.41 allows remote attacker

WFTPD | Pro |

WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server.


The telnet port in Arescom NetDSL 1000 router a

Arescom | NetDSL | telnet | port |

The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop.


UTStarcom BAS 1000 3.1.10 creates several defau

UTStarcom | BAS |

UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via (1) field account with a password of "*field", (2) guru account with a password of "*3noguru", (3) snmp account with a password of "snmp", or (4) dbase account with a password of "dbase".


Multiple vulnerabilities in the H.323 protocol

vulnerabilities | implementation | Communications | Networks | Business | Multiple | protocol | Manager | Nortel | H323 |

Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.


Agnitum Outpost Pro Firewall 2.1 allows remote

attackers | Firewall | service | Agnitum | Outpost | denial | allows | remote | cause | Pro |

Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.


Multiple SQL injection vulnerabilities in Snail

vulnerabilities | SnailSource | attackers | arbitrary | injection | Multiple | commands | execute | remote | phpBB | allow | mods | via | SQL | 20x |

Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro).


The CGIwrap program before 3.9 on Debian GNU/Li

GNU/Linux | incorrect | CGIwrap | minimum | program | before | Debian | value | uses |

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.


Multiple SQL injection vulnerabilities in adcbr

vulnerabilities | adcbrowresphp | arbitrary | attackers | injection | commands | Multiple | execute | ADC2000 | Center | remote | allow | Lite | via | SQL | Pro |

Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ADC2000 NG Pro 1.2 and NG Pro Lite allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) lang parameters.


Cross-site scripting (XSS) vulnerability in my.

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter.


SQL injection vulnerability in bus_details.asp

bus_detailsasp | vulnerability | Directory | injection | Business | Dragon | Pro | SQL |

SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.


The Net Direct client for Linux before 6.0.5 in

client | before | Direct | Linux | Net |

The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client.


Cisco Aironet 1000 Series and 1500 Series Light

Aironet | Cisco |

Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192.


Nortel VPN Router (aka Contivity) 1000, 2000, 4

Router | Nortel | VPN |

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.


Nortel VPN Router (aka Contivity) 1000, 2000, 4

Router | Nortel | VPN |

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.


Nortel VPN Router (aka Contivity) 1000, 2000, 4

Router | Nortel | VPN |

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.


PHP remote file inclusion vulnerability in page

vulnerability | RGameScript | arbitrary | attackers | parameter | inclusion | execute | pagephp | allows | remote | code | file | RCMS | URL | Pro | PHP | via |

PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.


Software vulnerabilities results 1 to 20 of 388     
Page: 12345...20