Searching specifying software vulnerabilities

NFS allows attackers to read and write any file

specifying | attackers | system | allows | false | write | read | file | UID | NFS | any |

NFS allows attackers to read and write any file on the system by specifying a false UID.


FileSystemObject (FSO) in the showfile.asp Acti

FileSystemObject |

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.


suidexec in suidmanager 0.18 on Debian 2.0 allo

suidmanager | suidexec |

suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line.


Buffer overflow in passwd in BSD based operatin

specifying | privileges | operating | overflow | systems | earlier | allows | Buffer | passwd | field | GECOS | shell | users | local | based | long | root | gain | BSD |

Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.


The sysgen service in Aptis Totalbill does not

authentication | specifying | connecting | privileges | attackers | Totalbill | executed | commands | perform | service | remote | sysgen | allows | Aptis | which | root | gain | does | not |

The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.


Htgrep CGI program allows remote attackers to r

specifying | arbitrary | attackers | parameter | pathname | program | Htgrep | allows | remote | files | full | read | CGI | hdr |

Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter.


search.dll Sambar ISAPI Search utility in Samba

directories | specifying | searchdll | arbitrary | attackers | directory | paraeater | utility | remote | Server | Search | Sambar | allows | query | ISAPI | Beta | read |

search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query paraeater.


kdebug daemon (kdebugd) in Digital Unix 4.0F al

daemon | kdebug |

kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.


Buffer overflow in phf CGI program allows remot

specifying | arbitrary | attackers | arguments | including | commands | overflow | execute | program | number | allows | Buffer | header | remote | large | long | MIME | CGI | phf |

Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME header.


Offline Explorer 1.4 before Service Release 2 a

specifying | arbitrary | attackers | Explorer | Release | Offline | Service | letter | allows | remote | before | drive | files | read |

Offline Explorer 1.4 before Service Release 2 allows remote attackers to read arbitrary files by specifying the drive letter (e.g. C:) in the requested URL.


Way-board CGI program allows remote attackers t

terminating | specifying | attackers | arbitrary | parameter | Way-board | filename | program | remote | allows | files | null | read | byte | CGI |

Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte.


login.gas.bat and other CGI scripts in Entrust

logingasbat | specifying | -classpath | attackers | arbitrary | getAccess | alternate | possibly | programs | commands | argument | scripts | execute | Entrust | remote | other | allow | Java | CGI |

login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.


RLPDaemon in HP-UX 10.20 and 11.0 allows local

RLPDaemon | HP-UX |

RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.


Vulnerabilities in phpMyChat before 0.14.4 allo

Vulnerabilities | phpMyChat | before |

Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter.


comment2.jse in ScriptEase:WebServer allows rem

comment2jse |

comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.


CGIscript.net csMailto.cgi program allows remot

form-attachment | CGIscriptnet | csMailtocgi | specifying | arbitrary | attackers | filename | program | target | allows | remote | field | files | read |

CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field.


browse.asp in Hosting Controller allows remote

directories | Controller | specifying | parameter | arbitrary | attackers | browseasp | pathname | FilePath | Hosting | target | allows | remote | view |

browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.


LimeWire 4.1.2 through 4.5.6 allows remote atta

LimeWire |

LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full pathname in a Gnutella GET request.


Absolute path traversal vulnerability in the co

simultaneously | vulnerability | authenticated | directories | specifying | ByteHoard | directory | overwrite | parameter | traversal | filename | filepath | indexphp | Absolute | infolder | earlier | users' | allows | remote | Godwin | action | Andrew | create | other | files | users | copy | path |

Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter.


index.php for TorrentFlux 2.2 allows remote att

TorrentFlux | specifying | attackers | parameter | filename | indexphp | delfile | target | remote | allows | delete | files |

index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter.


Software vulnerabilities results 1 to 20 of 84     
Page: 12345