Searching retrieve software vulnerabilities

Vulnerability in Apache httpd before 1.3.11, wh

Vulnerability | before | Apache | httpd |

Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.


Broker FTP server 5.9.5 for Windows NT and 9x a

server | Broker | FTP |

Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename).


Red Hat Stronghold 2.3 to 3.0 allows remote att

information | Stronghold | attackers | retrieve | request | system | remote | allows | HTTP | GET | Hat | Red | via |

Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status.


phpRank 1.8 stores the administrative password

administrative | plaintext | attackers | retrieve | password | phpRank | allows | remote | server | stores | cookie | which | "ap" |

phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, which allows remote attackers to retrieve the administrative password.


Macromedia JRun 3.0 through 4.0, when running o

configuration | information | Macromedia | directory | attackers | retrieve | trailing | contains | WEB-INF | request | running | Windows | through | allows | remote | class | files | which | Java | JRun | dot | via |

Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").


HP Application Server 8.0, when running on Wind

configuration | Application | information | attackers | directory | contains | trailing | retrieve | request | running | Windows | WEB-INF | remote | Server | allows | files | which | class | Java | dot | via |

HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").


jo! jo Webserver 1.0, when running on Windows,

configuration | information | attackers | directory | Webserver | contains | trailing | retrieve | request | running | WEB-INF | Windows | remote | allows | files | which | class | Java | dot | via |

jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").


Oracle Oracle9i Application Server 1.0.2.2 and

Application | Oracle9i | Server | Oracle |

Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").


Orion Application Server 1.5.3, when running on

Application | Server | Orion |

Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").


Pointsec before 1.2 for PalmOS stores a user's

plaintext | unlocked | retrieve | Pointsec | attacker | dumping | steals | allows | stores | PalmOS | before | memory | number | user's | which | local | Palm | PIN |

Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a local attacker who steals an unlocked Palm to retrieve the PIN by dumping memory.


Nokia Electronic Documentation (NED) 5.0 allows

Documentation | Electronic | Nokia |

Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).


Symbol Access Portable Data Terminal (PDT) 8100

Portable | Terminal | Symbol | Access | Data |

Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network.


Directory traversal vulnerability in ShopCartCG

vulnerability | ShopCartCGI | arbitrary | attackers | traversal | Directory | retrieve | allows | remote | files | via |

Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.


Directory traversal vulnerability in functions.

PhpNewsManager | vulnerability | functionsphp | Directory | traversal |

Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.


Directory traversal vulnerability in EasyWeb Fi

vulnerability | FileManager | attackers | arbitrary | Directory | traversal | retrieve | PostNuke | EasyWeb | allows | remote | files | RC-1 | via |

Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter.


Spooler in Apache Foundation James 2.2.0 allows

Foundation | Spooler | Apache | James |

Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock from being released and causes a memory leak.


SQL injection vulnerability in index.php in TCl

vulnerability | TClanPortal | injection | indexphp | SQL |

SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.


Sprint Nextel Sprint voice mail systems allow r

Identification | reconfigure | attackers | mailboxes | retrieve | spoofing | messages | systems | Calling | Number | Nextel | Sprint | remote | remove | voice | allow | mail |

Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).


Alcatel-Lucent Lucent Technologies voice mail s

Identification | Alcatel-Lucent | Technologies | reconfigure | attackers | mailboxes | retrieve | messages | spoofing | Calling | systems | Number | Lucent | remove | remote | voice | allow | mail |

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).


T-Mobile voice mail systems allow remote attack

Identification | reconfigure | attackers | mailboxes | retrieve | spoofing | messages | T-Mobile | systems | Calling | remote | remove | Number | allow | voice | mail |

T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).


Software vulnerabilities results 1 to 20 of 28     
Page: 12