Searching sequences software vulnerabilities

Apache 1.3 before 1.3.25 and Apache 2.0 before

before | Apache |

Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.


OpenSSL 0.9.6k allows remote attackers to cause

attackers | service | OpenSSL | denial | allows | remote | cause | 096k |

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.


Directory traversal vulnerability in weblibs.pl

vulnerability | arbitrary | attackers | sequences | parameter | weblibspl | traversal | Directory | TextFile | WebLibs | allows | remote | files | read | via |

Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbitrary files via .. sequences in the TextFile parameter.


Directory traversal vulnerability in BremsServe

vulnerability | BremsServer | Directory | traversal |

Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL.


Multiple directory traversal vulnerabilities in

vulnerabilities | traversal | directory | Multiple | Borland | Server | Web |

Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.


Canonicalize-before-filter error in the send_re

Canonicalize-before-filter | canonicalized | send_review | hex-encoded | cross-site | arbitrary | scripting | dangerous | parameter | sequences | attackers | PHP-Nuke | function | Reviews | checked | leading | before | inject | script | remote | module | allows | error | which | HTML | text | web | XSS | via |

Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability.


Directory traversal vulnerability in Microsoft

vulnerability | attackers | sequences | overwrite | Microsoft | traversal | Directory | archive | cabarc | remote | allows | names | files | file | CAB | via | "/" |

Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.


Directory traversal vulnerability in the true_p

vulnerability | true_path | privatepy | Directory | traversal | function | Mailman |

Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.


Apple Terminal 1.4.4 allows attackers to execut

Terminal | Apple |

Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.


Directory traversal vulnerability in attachment

attachmentsphp | vulnerability | arbitrary | attackers | sequences | parameter | Directory | traversal | osTicket | remote | allows | files | read | file | via |

Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.


Directory traversal vulnerability in default.as

vulnerability | defaultasp | arbitrary | attackers | parameter | sequences | Directory | traversal | filename | FSboard | remote | allows | files | read | via |

Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter.


Directory traversal vulnerability in GNUMP3D be

vulnerability | Directory | traversal | GNUMP3D | before |

Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.


Multiple directory traversal vulnerabilities in

vulnerabilities | LogiSphere | arbitrary | attackers | traversal | directory | Multiple | remote | access | files | allow | 099j | via |

Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) "..." (triple dot), and (3) "..//" sequences in the URL, (4) "../" sequences in the source parameter to viewsource.jsp, or (5) "..\" (dot dot backslash) sequences in the NS-query-pat paramter to the search URL. URL.


Directory traversal vulnerability in Amaxus 3 a

vulnerability | arbitrary | attackers | sequences | parameter | traversal | Directory | earlier | change | Amaxus | remote | allows | access | files | via |

Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.


unalz 0.53 allows user-assisted attackers to ov

unalz |

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename.


Directory traversal vulnerability in index.php

vulnerability | Coppermine | Directory | traversal | indexphp |

Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences.


Directory traversal vulnerability in SolarWinds

vulnerability | SolarWinds | sequences | collapsed | arbitrary | attackers | traversal | Directory | filtering | including | download | crafted | earlier | request | allows | Server | remote | which | files | into | TFTP | "//" | GET | "/" | via |

Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering.


Directory traversal vulnerability in dir.php in

vulnerability | directories | TorrentFlux | arbitrary | attackers | sequences | parameter | Directory | traversal | dirphp | remote | allows | "\\/" | list | dir | via |

Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows remote attackers to list arbitrary directories via "\.\./" sequences in the dir parameter.


Directory traversal vulnerability in torrent.cp

vulnerability | torrentcpp | traversal | Directory | KTorrent | before |

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.


Directory traversal vulnerability in Microsoft

vulnerability | attackers | sequences | arbitrary | Microsoft | traversal | Directory | Explorer | Internet | possibly | related | certain | remote | allows | scheme | "%5C" | files | read | via | URI |

Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences.


Software vulnerabilities results 1 to 20 of 454     
Page: 12345...23