share software vulnerabilities
vulnerabilities.aspcode.net
Searching share software vulnerabilities
NETBIOS share information may be published thro
information
|
published
|
registry
|
through
|
NETBIOS
|
share
|
keys
|
SNMP
|
may
|
NETBIOS share information may be published through SNMP registry keys in NT.
A NETBIOS/SMB share password is the default, nu
NETBIOS/SMB
|
password
|
missing
|
default
|
share
|
null
|
A NETBIOS/SMB share password is the default, null, or missing.
A system-critical NETBIOS/SMB share has inappro
system-critical
|
inappropriate
|
NETBIOS/SMB
|
control
|
access
|
share
|
has
|
A system-critical NETBIOS/SMB share has inappropriate access control.
Vulnerability in Monitor utility (SYS$SHARE:SPI
Vulnerability
|
utility
|
Monitor
|
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10)
Server
|
Gene6
|
FTP
|
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
The split key mechanism used by PGP 7.0 allows
authenticate
|
passphrases
|
passphrase
|
capturing
|
mechanism
|
setting
|
holders
|
allows
|
"Cache
|
option
|
logged
|
obtain
|
holder
|
access
|
entire
|
share
|
other
|
while
|
split
|
used
|
they
|
key
|
on"
|
PGP
|
The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.
EFTP 2.0.7.337 allows remote attackers to obtai
EFTP
|
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
Gravity Storm Service Pack Manager 2000 creates
Service
|
Manager
|
Gravity
|
Storm
|
Pack
|
Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM2000c$) mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share.
Microsoft Internet Information Server (IIS) 4.0
Information
|
Microsoft
|
Internet
|
Server
|
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running.
Norton Internet Security 2001 opens log files w
Security
|
Internet
|
Norton
|
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running.
ScriptLogic 4.01, and possibly other versions b
ScriptLogic
|
ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code.
Directory traversal vulnerability in upload cap
vulnerability
|
capability
|
Directory
|
traversal
|
upload
|
Share
|
File
|
Pro
|
Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header.
WWW File Share Pro 2.42 and earlier allows remo
Share
|
File
|
Pro
|
WWW File Share Pro 2.42 and earlier allows remote attackers to cause a denial of service (crash) via a large POST request.
WWW File Share Pro 2.42 and earlier allows remo
Share
|
File
|
Pro
|
WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character.
Argument injection vulnerability in IBM Lotus N
vulnerability
|
injection
|
Argument
|
Lotus
|
Notes
|
IBM
|
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.
Rebrand P2P Share Spy 2.2 stores the user passw
txtPassword
|
privileges
|
plaintext
|
password
|
registry
|
Rebrand
|
allows
|
stores
|
which
|
users
|
local
|
value
|
Share
|
user
|
gain
|
P2P
|
Spy
|
Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the registry, which allows local users to gain privileges.
APG Technology ClassMaster does not properly re
ClassMaster
|
Technology
|
sensitive
|
attackers
|
restrict
|
properly
|
network
|
folders
|
allows
|
remote
|
access
|
share
|
which
|
does
|
not
|
APG
|
via
|
APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share.
Multiple PHP remote file inclusion vulnerabilit
vulnerabilities
|
inclusion
|
Multiple
|
Trawler
|
remote
|
file
|
CMS
|
Web
|
PHP
|
Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, and (h) newfile.php in _msdazu_share/richtext/; the (2) path_scr_dat2 parameter to (i)_msdazu_share/share/insert1.php; the (3) path_red parameter to (j) _msdazu_share/extras/downloads/index.php; and unspecified parameters in other files.
siteadmin/useredit.php in AlstraSoft Video Shar
siteadmin/usereditphp
|
authentication
|
information
|
Enterprise
|
AlstraSoft
|
attackers
|
request
|
remote
|
allows
|
direct
|
modify
|
obtain
|
Video
|
Share
|
which
|
check
|
does
|
user
|
not
|
via
|
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.
SQL injection vulnerability in msg.php in Alstr
vulnerability
|
authenticated
|
AlstraSoft
|
Enterprise
|
parameter
|
injection
|
arbitrary
|
commands
|
execute
|
remote
|
msgphp
|
allows
|
Video
|
users
|
Share
|
SQL
|
via
|
SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Software vulnerabilities results 1 to 20 of 60
Page:
1
2
3
4
►