Searching static software vulnerabilities

Windows 95 and Windows 98 do not properly proce

attackers | overwrite | properly | packets | entries | process | Windows | spoofed | static | remote | allows | cache | table | which | not | ARP |

Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table.


Dynamically Loadable Kernel Module (dlkm) stati

Dynamically | Loadable | Module | Kernel |

Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.


One-Time Passwords In Everything (a.k.a OPIE) 2

Everything | Passwords | One-Time |

One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.


Direct static code injection vulnerability in t

vulnerability | phpCodeGenie | application | generation | injection | simple | static | Direct | before | code | PCG |

Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | iPhotoAlbum | inclusion | attackers | arbitrary | Multiple | execute | remote | allow | code | file | via | PHP |

Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/static/header.php.


Unknown vulnerability in the LDAP dissector in

vulnerability | dissector | Ethereal | Unknown | LDAP |

Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through 0.10.11 allows remote attackers to cause a denial of service (free static memory and application crash) via unknown attack vectors.


Direct static code injection vulnerability in e

vulnerability | editcssphp | injection | Gravity | Direct | static | Board | code |

Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file.


Spectrum Cash Receipting System before 6.504 us

Receipting | Spectrum | before | System | Cash |

Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.


Direct static code injection vulnerability in p

vulnerability | injection | phpBook | Direct | static | code |

Direct static code injection vulnerability in phpBook 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via the e-mail field (mail variable) in a new message, which is written to a PHP file.


Unspecified vulnerability in config.php in Skat

administrators | authenticated | vulnerability | Unspecified | injection | arbitrary | variables | configphp | possibly | modified | certain | causing | execute | static | direct | allows | remote | Skate | Board | code | PHP | due | XSS |

Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrators to execute arbitrary PHP code by causing certain variables in config.php to be modified, possibly due to XSS or direct static code injection.


Direct static code injection vulnerability in w

vulnerability | injection | writephp | Admbook | Direct | static | code |

Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php.


Multiple direct static code injection vulnerabi

vulnerabilities | savesettingsphp | injection | ShoutLIVE | Multiple | direct | static | code |

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php.


Direct static code injection vulnerability in a

admin/configphp | vulnerability | injection | vscripts | Direct | static | code |

Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php.


Direct static code injection vulnerability in Q

administrators | vulnerability | authenticated | injection | modifying | configphp | arbitrary | execute | Direct | static | QLnews | remote | allows | code | PHP |

Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php.


Direct static code injection vulnerability in t

vulnerability | tickerdbphp | injection | Direct | Chucky | static | Ivey | code |

Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts.


Direct static code injection vulnerability in P

vulnerability | authenticated | adminitrators | set_incphp | arbitrary | injection | settings | execute | certain | editing | Publish | allows | stored | static | Direct | rmeote | which | code | PHP | Pro |

Direct static code injection vulnerability in Pro Publish 2.0 allows rmeote authenticated adminitrators to execute arbitrary PHP code by editing certain settings, which are stored in set_inc.php.


Direct static code injection vulnerability in A

vulnerability | injection | Generator | before | Direct | static | Stats | code | ASP |

Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp.


Static code injection vulnerability in install.

vulnerability | mcrconfincphp | installphp | arbitrary | attackers | parameter | injection | inserted | bgcolor | execute | mcRefer | remote | Static | allows | which | into | code | PHP | via |

Static code injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary PHP code via the bgcolor parameter, which is inserted into mcrconf.inc.php.


Direct static code injection vulnerability in s

vulnerability | shoutboxphp | injection | ShoutPro | Direct | static | code |

Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote attackers to inject arbitrary PHP code into shouts.php via the shout parameter.


Static code injection vulnerability in process.

vulnerability | processphp | attackers | parameter | configphp | injection | AimStats | update | number | Static | action | allows | remote | inject | into | code | PHP | via |

Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.


Software vulnerabilities results 1 to 20 of 107     
Page: 123456