sample software vulnerabilities
vulnerabilities.aspcode.net
Searching sample software vulnerabilities
The Expression Evaluator sample application in
application
|
exprcalccfm
|
ColdFusion
|
Expression
|
attackers
|
Evaluator
|
restrict
|
properly
|
server
|
access
|
allows
|
remote
|
sample
|
delete
|
which
|
files
|
read
|
does
|
via
|
not
|
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
The showcode.asp sample file in IIS and Site Se
showcodeasp
|
attackers
|
arbitrary
|
allows
|
remote
|
Server
|
sample
|
files
|
read
|
Site
|
file
|
IIS
|
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
The viewcode.asp sample file in IIS and Site Se
viewcodeasp
|
attackers
|
arbitrary
|
allows
|
remote
|
Server
|
sample
|
files
|
read
|
Site
|
file
|
IIS
|
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
The code.asp sample file in IIS and Site Server
attackers
|
arbitrary
|
codeasp
|
allows
|
remote
|
Server
|
sample
|
files
|
read
|
Site
|
file
|
IIS
|
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
The codebrws.asp sample file in IIS and Site Se
codebrwsasp
|
attackers
|
arbitrary
|
allows
|
remote
|
Server
|
sample
|
files
|
read
|
Site
|
file
|
IIS
|
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
Sample runnable code snippets in ColdFusion Ser
ColdFusion
|
attackers
|
snippets
|
runnable
|
service
|
conduct
|
denial
|
remote
|
Server
|
Sample
|
allow
|
other
|
proxy
|
files
|
calls
|
HTTP
|
code
|
read
|
use
|
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
The Winmsdp.exe sample file in IIS 4.0 and Site
Winmsdpexe
|
attackers
|
arbitrary
|
allows
|
remote
|
Server
|
sample
|
files
|
read
|
Site
|
file
|
IIS
|
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.
Sample Internet Data Query (IDQ) scripts in IIS
Internet
|
Sample
|
Query
|
Data
|
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
The sample Java servlet "test" in Bajie HTTP we
pathname
|
document
|
reveals
|
servlet
|
server
|
sample
|
"test"
|
Bajie
|
real
|
HTTP
|
Java
|
030a
|
root
|
web
|
The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.
Buffer overflow in post-query sample CGI progra
post-query
|
attackers
|
arbitrary
|
commands
|
overflow
|
contains
|
execute
|
program
|
request
|
Buffer
|
sample
|
allows
|
remote
|
least
|
POST
|
HTTP
|
via
|
CGI
|
Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters.
Directory traversal vulnerability in Sun Chili!
vulnerability
|
arbitrary
|
ChiliSoft
|
Directory
|
traversal
|
multiple
|
attacker
|
remote
|
allows
|
Unixes
|
files
|
above
|
root
|
read
|
via
|
web
|
Sun
|
ASP
|
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.
The sendmail.jsp sample page in Oracle 9i Appli
Application
|
sendmailjsp
|
Oracle
|
sample
|
Server
|
page
|
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails.
SQL injection vulnerability in the query.xsql s
vulnerability
|
Application
|
queryxsql
|
injection
|
Oracle
|
Server
|
sample
|
page
|
SQL
|
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.
Oracle 9i Application Server (9iAS) installs mu
Application
|
Server
|
Oracle
|
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
Off-by-one error in the CodeBrws.asp sample scr
CodeBrwsasp
|
containing
|
extensions
|
additional
|
Off-by-one
|
attackers
|
character
|
Microsoft
|
source
|
script
|
sample
|
remote
|
allows
|
files
|
error
|
after
|
aspx
|
such
|
html
|
view
|
code
|
inc
|
IIS
|
one
|
htm
|
asp
|
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
Directory traversal vulnerability in the view-s
vulnerability
|
view-source
|
Foundation
|
attackers
|
Directory
|
arbitrary
|
traversal
|
Software
|
remote
|
access
|
allows
|
sample
|
Apache
|
Cocoon
|
files
|
file
|
via
|
Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
The OSS code for the Sound Blaster (sb16) drive
Blaster
|
Sound
|
code
|
OSS
|
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.
Directory traversal vulnerability in sample_sho
sample_showcodehtml
|
vulnerability
|
arbitrary
|
parameter
|
attackers
|
traversal
|
Directory
|
Caravan
|
200/03d
|
earlier
|
remote
|
allows
|
fname
|
files
|
read
|
via
|
Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter.
Unknown vulnerability in IBM Parallel Environme
vulnerability
|
Environment
|
Parallel
|
Unknown
|
IBM
|
Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code.
The ath_rate_sample function in the ath_rate/sa
ath_rate/sample/samplec
|
ath_rate_sample
|
function
|
MadWifi
|
before
|
sample
|
code
|
The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission.
Software vulnerabilities results 1 to 20 of 46
Page:
1
2
3
►