Searching start software vulnerabilities

LPPlus programs dccsched, dcclpdser, dccbkst, d

dccbkstshut | executable | dcclpdshut | arbitrary | installed | dcclpdser | services | programs | dccsched | various | dccshut | dccbkst | allows | LPPlus | setuid | users | start | world | which | local | root | stop | LPD |

LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.


Unknown vulnerability in Java web start 1.0.1_0

vulnerability | Unknown | 101_01 | start | Java | web |

Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.


A race condition in the way env_start and env_e

fs/proc/basec | initialized | env_start | condition | pointers | service | env_end | allows | system | execve | denial | cause | local | users | Linux | race | call | used | way |

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).


Cross-site scripting (XSS) vulnerability in sta

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.


BEA WebLogic Server and Express, when using Nod

NodeManager | privileges | Operators | overwrite | passwords | usernames | provides | Operator | WebLogic | Express | servers | Server | Admin | which | allow | start | using | users | gain | BEA | may |

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges.


MaxWebPortal 1.30 allows remote attackers to pe

MaxWebPortal |

MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page.


Gadu-Gadu build 155 and earlier allows remote a

Gadu-Gadu | build |

Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters.


passwd 0.68 does not check the return code for

passwd |

passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.


The xvesa code in Novell Netware 6.5 SP2 and SP

GUIMirror/Start | authentication | attackers | redirect | xsession | Netware | without | request | allows | direct | remote | Novell | xvesa | code | SP2 | SP3 | via |

The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start.


The fib_seq_start function in fib_hash.c in Lin

fib_seq_start | fib_hashc | function | service | denial | allows | kernel | Linux | cause | local | users |

The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.


SQL injection vulnerability in readpmsg.php in

vulnerability | readpmsgphp | injection | PostNuke | SQL |

SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.


Cross-site scripting (XSS) vulnerability in rea

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter.


Java Web Start in Java 2 Platform Standard Edit

Platform | Standard | Edition | Start | Java | Web |

Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges.


SQL injection vulnerability in thread.php in AP

vulnerability | arbitrary | attackers | threadphp | injection | parameter | commands | execute | APBoard | allows | remote | start | SQL | via |

SQL injection vulnerability in thread.php in APBoard allows remote attackers to execute arbitrary SQL commands via the start parameter.


SQL injection vulnerability in ringmaker.php in

vulnerability | ringmakerphp | Ringmaker | arbitrary | attackers | injection | parameter | commands | execute | earlier | allows | remote | start | Orca | SQL | 23c | via |

SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter.


SQL injection vulnerability in index.php in xue

vulnerability | attackers | arbitrary | injection | parameter | commands | indexphp | execute | xueBook | allows | remote | start | SQL | via |

SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter.


PHP remote file inclusion vulnerability in basi

basepath_start | vulnerability | basicincphp | arbitrary | attackers | inclusion | parameter | PhpMyCms | execute | remote | allows | code | file | PHP | via | URL |

PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the basepath_start parameter.


Unspecified vulnerability in phpBB before 2.0.2

vulnerability | Unspecified | before | phpBB |

Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."


Cross-site scripting (XSS) vulnerability in dir

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in directory/index.php in Chipmunk directory allows remote attackers to inject arbitrary web script or HTML via the start parameter.


Sun Java Web Start in JDK and JRE 5.0 Update 10

unauthorized | application | "Incorrect | privileges | attackers | probably | Classes" | perform | actions | support | related | earlier | grants | Update | System | itself | 142_13 | allows | remote | files | Start | Java | JNLP | Web | Sun | SDK | via | Use | JDK | JRE |

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.


Software vulnerabilities results 1 to 20 of 102     
Page: 123456