Searching solutions software vulnerabilities

Directory traversal in Webpaging interface in I

interface | Messenger | Solutions | Directory | traversal | Webpaging | Internet | Software | Server | LAN | Air |

Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack.


Internet Software Solutions Air Messenger LAN S

Solutions | Messenger | Internet | Software | Server | LAN | Air |

Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.


Format string vulnerability in Network Solution

vulnerability | specifiers | arbitrary | attackers | Solutions | execute | command | Rwhoisd | Network | Format | string | remote | allows | -soa | code | 15x | via |

Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers execute arbitrary code via format string specifiers in the -soa command.


Format string vulnerability in Network Solution

vulnerability | Solutions | Rwhoisd | Network | string | Format |

Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers.


Directory traversal vulnerability in phprocketa

phprocketaddin | vulnerability | Solutions | FrontPage | attackers | Directory | traversal | arbitrary | allows | remote | Rocket | Add-in | Total | files | read | via | PHP |

Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.


SQL injection vulnerability in login.asp in an

vulnerability | Solutions | Educators | injection | loginasp | product | unknown | Online | SQL |

SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password.


SQL injection vulnerability in comentarii.php i

vulnerability | comentariiphp | Web4Future | Solutions | arbitrary | attackers | injection | parameter | commands | execute | Portal | allows | remote | News | SQL | idp | via |

SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter.


Directory traversal vulnerability in arhiva.php

vulnerability | Web4Future | Solutions | arbitrary | attackers | parameter | traversal | arhivaphp | Directory | remote | Portal | allows | files | read | News | dir | via |

Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter.


SQL injection vulnerability in RT Internet Solu

vulnerability | Solutions | injection | Internet | SQL |

SQL injection vulnerability in RT Internet Solutions (RTIS) WebAdmin allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.


SQL injection vulnerability in an unspecified A

vulnerability | unspecified | Accelerated | Enterprise | attackers | arbitrary | Solutions | injection | parameter | password | commands | possibly | product | execute | remote | allows | SQL | via |

SQL injection vulnerability in an unspecified Accelerated Enterprise Solutions product, possibly Accelerated E Solutions, allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


SQL injection vulnerability in projects/project

projects/project-editasp | vulnerability | Solutions | injection | Intranet | Source | Digger | Open | SQL |

SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter.


Integer overflow in the do_replace function in

"virtualization | copy_from_user | CAP_NET_ADMIN | solutions" | do_replace | netfilter | overflow | function | 2616-rc3 | Integer | allows | buffer | rights | before | OpenVZ | using | cause | local | users | Linux | such |

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.


The installation of SQLAnywhere in Symantec Gho

installation | SQLAnywhere | Solutions | Symantec | Suite | Ghost | used |

The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.


Buffer overflow in the login dialog in dbisqlc.

SQLAnywhere | dbisqlcexe | Solutions | overflow | Symantec | Buffer | dialog | login | Suite | Ghost | used |

Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.


Cross-site scripting (XSS) vulnerability in for

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in forum_search.asp in Intelligent Solutions Inc. ASP Discussion Forum allows remote attackers to inject arbitrary web script or HTML via the search variable.


PHP remote file inclusion vulnerability in main

path[ShowProcessHandle] | vulnerability | attackers | Solutions | parameter | arbitrary | inclusion | earlier | execute | mainphp | System | remote | allows | code | file | CMS | PHP | via | URL |

PHP remote file inclusion vulnerability in main.php in Ay System Solutions CMS 2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter.


install/loader_help.php in Headstart Solutions

install/loader_helpphp | configuration | QUERY_STRING | information | q=phpinfo | Headstart | attackers | Solutions | function | phpinfo | DeskPRO | allows | remote | obtain | calls | which | via |

install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERY_STRING, which calls the phpinfo function.


attachment.php in Headstart Solutions DeskPRO a

attachmentphp | attackers | parameter | providing | Solutions | Headstart | modified | uploaded | DeskPRO | allows | number | remote | files | read | file | all |

attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter.


Digger Solutions Intranet Open Source (IOS) sto

Solutions | Intranet | Source | Digger | Open |

Digger Solutions Intranet Open Source (IOS) stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for data/intranet.mdb.


Buffer overflow in the EnumPrintersA function i

EnumPrintersA | dapcnfsddll | function | overflow | Buffer |

Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444.


Software vulnerabilities results 1 to 20 of 53     
Page: 123