Searching reference software vulnerabilities

dcboard.cgi in DCForum 2000 1.0 allows remote a

dcboardcgi | DCForum |

dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.


PHP remote file inclusion vulnerability in chec

phpSecurePages | vulnerability | checkloginphp | inclusion | remote | file | PHP |

PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.


PL/SQL module 3.0.9.8.2 in Oracle 9i Applicatio

module | PL/SQL |

PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.


ptrace on HP-UX 11.00 through 11.11 allows loca

ptrace | HP-UX |

ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."


Cisco ONS15454 and ONS15327 running ONS before

attackers | ONS15327 | ONS15454 | service | running | denial | allows | before | Cisco | cause | ONS |

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).


Zeroboard 4.1, when the "allow_url_fopen" and "

"register_globals" | "allow_url_fopen" | arbitrary | attackers | modifying | reference | parameter | variables | Zeroboard | _zb_path | contains | execute | enabled | server | allows | remote | code | web | PHP | URL |

Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code.


sastcpd in SAS/Base 8.0 allows local users to e

environment | reference | arbitrary | malicious | executed | authprog | SAS/Base | variable | program | execute | sastcpd | setting | allows | which | users | local | code | then |

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.


/bin/su in QNX realtime operating system (RTOS)

operating | realtime | /bin/su | system | QNX |

/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.


Microsoft Outlook 2002 allows remote attackers

Microsoft | Outlook |

Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content.


publish_xp_docs.php in Gallery 1.3.2 allows rem

publish_xp_docsphp | Gallery |

publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.


haut.php in PEEL 1.0b allows remote attackers t

modifying | attackers | arbitrary | parameter | reference | contains | dirroot | langphp | hautphp | execute | allows | remote | server | file | code | PEEL | 10b | URL | web | PHP |

haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file.


SSI.php in YaBB SE 1.5.2 allows remote attacker

SSIphp | YaBB |

SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code.


mainfile.php in phpforum 2 RC-1, and possibly e

mainfilephp | modifying | arbitrary | attackers | reference | parameter | MAIN_PATH | possibly | versions | contains | phpforum | earlier | execute | allows | remote | server | code | RC-1 | PHP | URL | web |

mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code.


PHP remote file inclusion vulnerability in inde

KnowledgeBuilder | vulnerability | KnowledgeBase | attackers | parameter | reference | arbitrary | modifying | inclusion | indexphp | referred | contains | execute | remote | server | allows | file | code | page | web | PHP | URL |

PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.


misc.cpp in KPopup 0.9.1 trusts the PATH variab

misccpp | KPopup |

misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program.


CuteNews 0.88 allows remote attackers to execut

CuteNews |

CuteNews 0.88 allows remote attackers to execute arbitrary PHP code by modifying the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php to reference a URL on a remote web server that contains config.php or news.txt.


aff_liste_langue.php in E-theni allows remote a

aff_liste_languephp | para_languephp | rep_include | modifying | reference | parameter | arbitrary | attackers | contains | E-theni | execute | server | remote | allows | code | PHP | web | URL |

aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php.


PHPX 2.0 through 3.2.4 allows remote attackers

through | PHPX |

PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the cookie's PXL variable to reference another userID.


PHP remote file inclusion vulnerability in inde

vulnerability | inclusion | indexphp | Artmedic | remote | links | file | PHP |

PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows remote attackers to execute arbitrary PHP code by modifying the id parameter to reference a URL on a remote web server that contains the code.


SafeDisc installs the driver service for the se

configuration | permissions | privileges | malicious | secdrvsys | reference | changing | installs | SafeDisc | insecure | service | program | allows | driver | which | users | local | gain |

SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.


Software vulnerabilities results 1 to 20 of 114     
Page: 123456