software software vulnerabilities
vulnerabilities.aspcode.net
Searching software software vulnerabilities
Patrol management software allows a remote atta
administrator
|
management
|
attacker
|
password
|
software
|
conduct
|
attack
|
Patrol
|
allows
|
remote
|
replay
|
steal
|
Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password.
shell-lock in Cactus Software Shell Lock uses w
encryption
|
shell-lock
|
Software
|
Cactus
|
Shell
|
weak
|
Lock
|
uses
|
shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.
The Microsoft Active Setup ActiveX component in
manufacturer
|
software's
|
components
|
component
|
Microsoft
|
prompting
|
attacker
|
software
|
Explorer
|
Internet
|
without
|
stating
|
ActiveX
|
install
|
remote
|
Active
|
allows
|
Setup
|
user
|
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
The administrative password for the Allmanage w
administration
|
administrative
|
plaintext
|
attackers
|
Allmanage
|
accessed
|
software
|
password
|
remote
|
stored
|
could
|
which
|
site
|
file
|
web
|
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.
Internet Software Solutions Air Messenger LAN S
Solutions
|
Messenger
|
Internet
|
Software
|
Server
|
LAN
|
Air
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
Internet Software Solutions Air Messenger LAN S
Solutions
|
Messenger
|
Internet
|
Software
|
Server
|
LAN
|
Air
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.
Sage Software MAS 200 allows remote attackers t
Software
|
Sage
|
MAS
|
Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters.
Gator ActiveX component (IEGator.dll) 3.0.6.1 a
component
|
ActiveX
|
Gator
|
Gator ActiveX component (IEGator.dll) 3.0.6.1 allows remote web sites to install arbitrary software by specifying a Trojan Gator installation file (setup.ex_) in the src parameter.
Buffer overflow in Century Software TERM allows
privileges
|
Software
|
argument
|
overflow
|
program
|
Century
|
callin
|
allows
|
Buffer
|
users
|
local
|
long
|
gain
|
TERM
|
root
|
via
|
tty
|
Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.
Finjan Software SurfinGate 6.0 and 6.0 1 allows
restrictions
|
SurfinGate
|
attackers
|
hostname
|
Software
|
instead
|
address
|
access
|
allows
|
remote
|
Finjan
|
bypass
|
URL
|
via
|
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname.
Cross-site scripting (XSS) vulnerability in Act
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.
The "ICQ Features on Demand" functionality for
functionality
|
authenticity
|
attackers
|
arbitrary
|
Mirabilis
|
upgrades
|
properly
|
Features
|
spoofing
|
software
|
install
|
Demand"
|
attack
|
remote
|
allows
|
verify
|
2003a
|
which
|
does
|
"ICQ
|
ICQ
|
via
|
not
|
Pro
|
The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack.
SQL injection vulnerability in viewCart.asp in
vulnerability
|
viewCartasp
|
SpiderSales
|
arbitrary
|
attackers
|
injection
|
parameter
|
software
|
shopping
|
execute
|
allows
|
userId
|
remote
|
cart
|
SQL
|
via
|
SQL injection vulnerability in viewCart.asp in SpiderSales shopping cart software allows remote attackers to execute arbitrary SQL via the userId parameter.
Multiple unknown vulnerabilities in Real Estate
vulnerabilities
|
Management
|
Multiple
|
Software
|
unknown
|
vectors
|
impact
|
attack
|
Estate
|
Real
|
have
|
Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors.
The default index page in the HTTP server in Hi
Hitachi
|
default
|
server
|
IP5000
|
index
|
Phone
|
WIFI
|
HTTP
|
page
|
VOIP
|
The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive information such as software versions.
Unspecified vulnerability in Software Distribut
vulnerability
|
Distributor
|
Unspecified
|
attackers
|
Software
|
vectors
|
access
|
attack
|
allows
|
remote
|
B1111
|
HP-UX
|
gain
|
via
|
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
Multiple buffer overflows in the ActiveX contro
overflows
|
controls
|
software
|
ImageKit
|
Multiple
|
ActiveX
|
Newtone
|
Loader
|
buffer
|
before
|
Photo
|
CASIO
|
used
|
Fix
|
Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document.
Unspecified vulnerability in MH Software Connec
vulnerability
|
Unspecified
|
Software
|
Connect
|
before
|
Daily
|
Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors.
The DB Software Laboratory DeWizardX (DEWizardA
Laboratory
|
DeWizardX
|
Software
|
The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to overwrite arbitrary files via the SaveToFile function.
2wire 1701HG and 2071 Gateway routers, with 5.2
1701HG
|
2wire
|
2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17.5 software, have a blank password by default.
Software vulnerabilities results 1 to 20 of 266
Page:
1
2
3
4
5
...
14
►