setting software vulnerabilities
vulnerabilities.aspcode.net
Searching setting software vulnerabilities
Buffer overflow in xmcd 2.1 allows local users
overflow
|
resource
|
through
|
setting
|
access
|
Buffer
|
allows
|
local
|
users
|
xmcd
|
gain
|
user
|
Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting.
Error messages generated by gdm with the Verbos
VerboseAuth
|
generated
|
identify
|
attacker
|
messages
|
setting
|
system
|
allows
|
users
|
valid
|
Error
|
gdm
|
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.
NewsPro 1.01 allows remote attackers to gain un
NewsPro
|
NewsPro 1.01 allows remote attackers to gain unauthorized administrator access by setting their authentication cookie to "logged,true".
index.php in Py-Membres 3.1 allows remote attac
administrator
|
Py-Membres
|
attackers
|
parameter
|
indexphp
|
setting
|
pymembs
|
"admin"
|
remote
|
allows
|
log
|
index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pymembs parameter to "admin".
isadmin.php in PhpWebGallery 1.0 allows remote
administrative
|
PhpWebGallery
|
photo_login
|
isadminphp
|
attackers
|
setting
|
allows
|
cookie
|
pseudo
|
remote
|
access
|
gain
|
via
|
isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo.
admin.php in miniPortail allows remote attacker
miniPortailAdmin
|
administrative
|
miniPortail
|
privileges
|
"adminok"
|
attackers
|
adminphp
|
setting
|
cookie
|
remote
|
allows
|
value
|
gain
|
admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value.
secure.php in PY-Membres 4.2 and earlier allows
authentication
|
PY-Membres
|
attackers
|
parameter
|
securephp
|
setting
|
adminpy
|
earlier
|
remote
|
allows
|
bypass
|
secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.
Unknown vulnerability in Moodle before 1.3.3 ha
vulnerability
|
Unknown
|
before
|
Moodle
|
Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting.
NewsPHP allows remote attackers to gain unautho
"autorized=admin;
|
administrative
|
unauthorized
|
root=admin"
|
attackers
|
setting
|
NewsPHP
|
cookie
|
remote
|
allows
|
access
|
value
|
gain
|
NewsPHP allows remote attackers to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value.
edituser.php3 in PHPMyChat 0.14.5 allow remote
edituserphp3
|
PHPMyChat
|
edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false.
Polar HelpDesk 3.0 allows remote attackers to b
authentication
|
attackers
|
UserType
|
HelpDesk
|
setting
|
cookie
|
values
|
UserId
|
allows
|
remote
|
bypass
|
Polar
|
Polar HelpDesk 3.0 allows remote attackers to bypass authentication by setting the UserId and UserType values in a cookie.
awstats.pl in AWStats 6.3 and 6.4 allows remote
parameters
|
pluginmode
|
loadplugin
|
awstatspl
|
attackers
|
setting
|
AWStats
|
rawlog
|
remote
|
allows
|
server
|
logs
|
read
|
web
|
awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
awstats.pl in AWStats 6.3 and 6.4 allows remote
information
|
attackers
|
parameter
|
awstatspl
|
sensitive
|
AWStats
|
setting
|
allows
|
remote
|
obtain
|
debug
|
awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter.
index.php in MercuryBoard 1.0.x and 1.1.x allow
MercuryBoard
|
information
|
attackers
|
sensitive
|
parameter
|
indexphp
|
setting
|
obtain
|
remote
|
allows
|
debug
|
11x
|
10x
|
index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter.
profile.php in PunBB 1.2.1 allows remote attack
profilephp
|
PunBB
|
profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL.
newsscript.pl for NewsScript allows remote atta
newsscriptpl
|
privileges
|
NewsScript
|
parameter
|
attachers
|
setting
|
allows
|
remote
|
admin
|
gain
|
mode
|
newsscript.pl for NewsScript allows remote attachers to gain privileges by setting the mode parameter to admin.
The web module in Neteyes Nexusway allows remot
cyclone500_auth
|
authentication
|
administrator
|
privileges
|
attackers
|
Nexusway
|
Neteyes
|
setting
|
cookie
|
allows
|
module
|
remote
|
bypass
|
gain
|
web
|
The web module in Neteyes Nexusway allows remote attackers to bypass authentication and gain administrator privileges by setting the cyclone500_auth cookie.
setup.php in phpStat 1.5 allows remote attacker
authentication
|
administrator
|
privileges
|
attackers
|
setupphp
|
variable
|
setting
|
phpStat
|
$check
|
allows
|
bypass
|
remote
|
gain
|
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
The ActiveX control for NateOn Messenger (Nateo
Messenger
|
control
|
ActiveX
|
NateOn
|
The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method.
login.php in ACal Calendar Project 2.2.5 allows
Calendar
|
loginphp
|
Project
|
ACal
|
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside".
Software vulnerabilities results 1 to 20 of 212
Page:
1
2
3
4
5
...
11
►