referred software vulnerabilities
vulnerabilities.aspcode.net
Searching referred software vulnerabilities
Vignette StoryServer and Vignette V/5 does not
demonstrated
|
unauthorized
|
StoryServer
|
CookieName
|
calculate
|
variables
|
referred
|
argument
|
template
|
portions
|
Vignette
|
properly
|
reports
|
"memory
|
string
|
memory
|
causes
|
return
|
login
|
which
|
leak"
|
using
|
"-->"
|
size
|
some
|
does
|
text
|
not
|
V/5
|
Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports.
The (1) menu.inc.php, (2) datasets.php and (3)
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code.
Buffer overflow in digestmd5.c CVS release 1.17
digestmd5c
|
overflow
|
release
|
Buffer
|
CVS
|
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) the pages parameter to divers.php (incorrectly referred to as "drivers.php" by some sources), (2) in the search feature text area, (3) forum name, (4) site name or (5) the maximum avatar size in the option section, (5) new category or (6) new forum fields in the forum section.
Multiple SQL injection vulnerabilities in Proje
vulnerabilities
|
ProjectBB
|
injection
|
Multiple
|
SQL
|
Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4) post name in the post creation feature, (5) City, (6) Homepage, (7) ICQ, (8) AOL, (9) Yahoo!, (10) MSN, or (11) e-mail fields in the profile feature or (12) the new field in the moderator section.
pam_ldap and nss_ldap, when used with OpenLDAP
connecting
|
subsequent
|
connection
|
cleartext
|
attackers
|
pam_ldap
|
nss_ldap
|
password
|
referred
|
OpenLDAP
|
client
|
master
|
allows
|
remote
|
sniff
|
cause
|
slave
|
using
|
which
|
used
|
sent
|
does
|
use
|
not
|
may
|
TLS
|
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
Open Ticket Request System (OTRS) 1.0.0 through
Request
|
System
|
Ticket
|
Open
|
Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary web script or HTML. NOTE: this particular issue is referred to as XSS by some sources.
Multiple SQL injection vulnerabilities in DRZES
vulnerabilities
|
arbitrary
|
attackers
|
injection
|
commands
|
Multiple
|
execute
|
remote
|
DRZES
|
allow
|
via
|
SQL
|
HMS
|
Multiple SQL injection vulnerabilities in DRZES HMS 3.2 allow remote attackers to execute arbitrary SQL commands via the (1) plan_id parameter to (a) domains.php, (b) viewusage.php, (c) pop_accounts.php, (d) databases.php, (e) ftp_users.php, (f) crons.php, (g) pass_dirs.php, (h) zone_files.php, (i) htaccess.php, and (j) software.php; (2) the customerPlanID parameter to viewplan.php; (3) the ref_id parameter to referred_plans.php; (4) customerPlanID parameter to listcharges.php; and (5) the domain parameter to (k) pop_accounts.php, (d) databases.php, (e) ftp_users.php, (f) crons.php, (g) pass_dirs.php, (h) zone_files.php, (i) htaccess.php, and (j) software.php. NOTE: the viewinvoice.php invoiceID vector is already covered by CVE-2005-4137.
PHP remote file include vulnerability in functi
functions_adminphp
|
vulnerability
|
Virtual
|
include
|
remote
|
file
|
War
|
PHP
|
PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote attackers to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to as XSS, but it is clear from the vendor description that it is a file inclusion problem.
SQL injection vulnerability in yazdir.asp in Ci
vulnerability
|
attackers
|
arbitrary
|
yazdirasp
|
injection
|
parameter
|
haber_id
|
commands
|
execute
|
allows
|
remote
|
Cilem
|
Hiber
|
SQL
|
via
|
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the proper name.
PHP before 5.1.3-RC1 might allow remote attacke
html_entity_decode
|
processes
|
attackers
|
portions
|
function
|
crafted
|
safety"
|
encoded
|
"binary
|
results
|
513-RC1
|
client
|
script
|
before
|
memory
|
obtain
|
remote
|
binary
|
sends
|
issue
|
allow
|
input
|
might
|
back
|
data
|
sent
|
user
|
PHP
|
via
|
aka
|
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents.
Bitrix Site Manager 4.1.x allows remote attacke
attackers
|
back_url
|
redirect
|
modified
|
websites
|
request
|
Manager
|
during
|
Bitrix
|
remote
|
allows
|
users
|
other
|
HTTP
|
POST
|
Site
|
via
|
41x
|
Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified back_url during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of the term.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in post.php in SkyeBox 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information, although it was likely prompted by a vague announcement from a researcher who incorrectly referred to the product as "SkyeShoutbox."
systeminfo.c for Sun Solaris allows local users
systeminfoc
|
variable
|
argument
|
function
|
Solaris
|
sysinfo
|
copyout
|
allows
|
causes
|
system
|
kernel
|
memory
|
local
|
which
|
count
|
users
|
used
|
call
|
read
|
Sun
|
via
|
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.
index.php in Horde Application Framework before
Application
|
Framework
|
indexphp
|
before
|
Horde
|
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
index.php in WebMplayer before 0.6.1-Alpha allo
metacharacters
|
WebMplayer
|
attackers
|
arbitrary
|
061-Alpha
|
indexphp
|
function
|
execute
|
allows
|
before
|
remote
|
shell
|
code
|
call
|
exec
|
via
|
index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to execute arbitrary code via shell metacharacters in an exec function call. NOTE: some sources have referred to this as eval injection in the param parameter, but CVE source inspection suggests that this is erroneous.
Off-by-one buffer overflow in the parse_element
parse_elements
|
Off-by-one
|
function
|
overflow
|
buffer
|
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
PHP remote file inclusion vulnerability in admi
admin/setup/level2php
|
vulnerability
|
Classifieds
|
inclusion
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as "Allfaclassfieds" in the original disclosure.
RealNetworks RealPlayer 10 Gold allows remote a
RealNetworks
|
RealPlayer
|
attackers
|
service
|
denial
|
allows
|
remote
|
cause
|
Gold
|
RealNetworks RealPlayer 10 Gold allows remote attackers to cause a denial of service (memory consumption) via a certain .ra file. NOTE: this issue was referred to as a "memory leak," but it is not clear if this is correct.
Software vulnerabilities results 1 to 20 of 20
Page:
1
2
►