Searching register software vulnerabilities

Denial of service in RPC portmapper allows atta

portmapper | unregister | attackers | register | services | address | service | spoofed | source | allows | Denial | spoof | using | such | RPC |

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.


ptrace on HP-UX 11.00 through 11.11 allows loca

ptrace | HP-UX |

ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state."


Zeroboard 4.1, when the "allow_url_fopen" and "

"register_globals" | "allow_url_fopen" | arbitrary | attackers | modifying | reference | parameter | variables | Zeroboard | _zb_path | contains | execute | enabled | server | allows | remote | code | web | PHP | URL |

Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code.


The TNS Listener in Oracle 10g allows remote at

attackers | Listener | service | remote | denial | Oracle | allows | cause | TNS | 10g |

The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.


Unknown vulnerability in Tutti Nova 0.10 throug

vulnerability | Unknown | Tutti | Nova |

Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors.


Unknown vulnerability in Rippy the Aggregator b

vulnerability | Aggregator | Unknown | before | Rippy |

Unknown vulnerability in Rippy the Aggregator before 0.10, when register_globals is enabled, has unknown attack vectors and impact, possibly related to the "user-controlled filter."


prefs.php in SquirrelMail before 1.4.4, with re

SquirrelMail | prefsphp | before |

prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers.


The SimpleXMLRPCServer library module in Python

SimpleXMLRPCServer | library | before | Python | module |

The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes.


Hosting Controller 6.1 Hotfix 1.9 and earlier a

addsubsiteasp | Controller | parameters | attackers | arbitrary | loginname | password | register | earlier | request | Hosting | Hotfix | allows | remote | direct | users | set | via |

Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.


phgstats.inc.php in phgstats before 0.5.1, if r

phgstatsincphp | phgstats | before |

phgstats.inc.php in phgstats before 0.5.1, if register_globals is enabled, allows remote attackers to include arbitrary files and execute arbitrary PHP code by modifying the PHGDIR variable.


membership.asp in Mini-Nuke 2.3 and earlier use

membershipasp | plaintext | automated | attackers | Mini-Nuke | multiple | register | security | scripts | earlier | allows | remote | codes | times | which | uses | via |

membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts.


Unspecified vulnerability in Ampache 3.3.2 and

vulnerability | Unspecified | Ampache |

Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access.


Apple Mac OS X kernel allows local users to cau

register | service | process | kernel | denial | kevent | parent | allows | Apple | event | queue | child | users | cause | local | fork | same | uses | then | via | Mac |

Apple Mac OS X kernel allows local users to cause a denial of service via a process that uses kevent to register a queue and an event, then fork a child process that uses kevent to register an event for the same queue as the parent.


pages/register/register.php in Fishyshoop 0.930

pages/register/registerphp | Fishyshoop |

pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the is_admin HTTP POST parameter to 1.


Unspecified vulnerability in phpMyFAQ 1.6.9 and

vulnerability | Unspecified | phpMyFAQ |

Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."


include/common.php in PunBB 1.2.14 and earlier

include/commonphp | PunBB |

include/common.php in PunBB 1.2.14 and earlier does not properly handle a disabled ini_get function when checking the register_globals setting, which allows remote attackers to register global parameters, as demonstrated by an SQL injection attack on the search_id parameter to search.php.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) err and (2) warn parameters. NOTE: the vendor disputes the significance of the issue, stating that "eTicket is not designed to work with register_globals On."


Directory traversal vulnerability in index.php

vulnerability | Directory | traversal | indexphp | MiniBB |

Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter in a register action.


Unspecified vulnerability in Microsoft Register

vulnerability | Unspecified | Microsoft | Register | Server |

Unspecified vulnerability in Microsoft Register Server (REGSVR) allows attackers to cause a denial of service via a crafted DLL library.


account.php in Adam Scheinberg Flip 3.0 and ear

administrative | Scheinberg | accountphp | attackers | parameter | accounts | register | earlier | action | allows | remote | create | Adam | Flip | via |

account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action.


Software vulnerabilities results 1 to 20 of 284     
Page: 12345...15