Searching sql net software vulnerabilities

Buffer overflows in Red Hat net-tools package.

net-tools | overflows | package | Buffer | Red | Hat |

Buffer overflows in Red Hat net-tools package.


Buffer overflow in QPC QVT/Net Popd 4.20 in QVT

overflow | QVT/Net | Buffer | Popd | QPC |

Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password.


orderdetails.aspx, as made available to Microso

wwwibuyspystorecom | orderdetailsaspx | demonstrated | developers | modifying | available | parameter | attackers | Microsoft | OrderID | example | orders | allows | remote | users | other | made | code | view | NET |

orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.


Multiple cross-site scripting vulnerabilities i

vulnerabilities | cross-site | arbitrary | attackers | scripting | Multiple | earlier | execute | remote | allows | script | Voxel | other | users | CBMS | Net | Dot |

Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users.


Vulnerabilities in Voxel Dot Net CBMS 0.7 and e

Vulnerabilities | unauthorized | operations | dltclntphp | injection | attackers | possibly | deleting | clients | conduct | earlier | remote | attack | users | allow | Voxel | other | CBMS | SQL | Net | via | Dot |

Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack.


The default installation of SAP R/3, when using

installation | SQL*net | default | Oracle | using | SAP | R/3 |

The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote attackers to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protected.


Buffer overflow in net_swapscore for typespeed

net_swapscore | typespeed | overflow | Buffer |

Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code.


Net-SNMP before 5.0.9 allows a user or communit

Net-SNMP | before |

Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.


The slip_down function in slip.c for the uml_ne

uml-utilities | slip_down | function | program | uml_net | slipc |

The slip_down function in slip.c for the uml_net program in uml-utilities Wednesday, September 03, 2003, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service (network service disabled).


Multiple SQL injection vulnerabilities in Net P

vulnerabilities | injection | Multiple | Dynamic | Portal | System | SQL | Net |

Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php.


Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.

Net-SNMP | before | 50x |

Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.


Multiple unspecified vulnerabilities in Oracle

vulnerabilities | unspecified | Database | Multiple | server | Oracle |

Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB16 in the (c) Oracle Text component. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that DB06 is SQL injection in the GENERATE_JOB_NAME, GET_WORKERSTATUSLIST1010, GET_PARAMVALUES1010, GET_DUMPFILESET1010, GET_JOBSTATUS1010, ATTACH, and ESTABLISH_REMOTE_CONTEXT functions in DBMS_DATAPUMP.


nettools.php in PHP Net Tools 2.7.1 allows remo

nettoolsphp | Tools | Net | PHP |

nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter.


Multiple buffer overflows in multiplay.cpp in U

multiplaycpp | overflows | Multiple | UFO2000 | buffer | svn |

Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code via (1) a long unit name in Net::recv_add_unit,; (2) large values to Net::recv_rules, Net::recv_select_unit, Net::recv_options, and Net::recv_unit_data; and (3) a large mapdata GEODATA structure in Net::recv_map_data.


SQL injection vulnerability in MoreInfo.asp in

vulnerability | ASPired2Poll | MoreInfoasp | arbitrary | parameter | injection | attackers | commands | execute | earlier | allows | remote | Guys | SQL | via | Net |

SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.


Unspecified vulnerability in Net-SNMP 5.3 befor

vulnerability | Unspecified | Net-SNMP | before |

Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or rouser snmpd.conf tokens, causes Net-SNMP to gran write access to users or communities that only have read-only access.


The Just In Time (JIT) Compiler service in Micr

Time | Just |

The Just In Time (JIT) Compiler service in Microsoft .NET Framework 2.0 through 2.0 SP2 for Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a buffer overflow, aka ".NET JIT Compiler Vulnerability".


Multiple SQL injection vulnerabilities in Free

vulnerabilities | injection | Multiple | Free | LAN | SQL |

Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escape_sqlData, implode_sql, and implode_sqlIn functions, but these are protection schemes, not the vulnerable functions.


Variable extraction vulnerability in grab_globa

grab_globalsphp | vulnerability | extraction | Variable | Dynamic | Portal | System | Net |

Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation.


PHP remote file inclusion vulnerability in inde

vulnerability | Management | inclusion | indexphp | Content | remote | System | Side | file | PHP | Net |

PHP remote file inclusion vulnerability in index.php in Net Side Content Management System (Net-Side.net CMS) allows remote attackers to execute arbitrary PHP code via a URL in the cms parameter.


Software vulnerabilities results 1 to 20 of 2653     
Page: 12345...133