store software vulnerabilities
vulnerabilities.aspcode.net
Searching store software vulnerabilities
ControlIT v4.5 and earlier uses weak encryption
encryption
|
ControlIT
|
usernames
|
passwords
|
earlier
|
address
|
store
|
weak
|
book
|
uses
|
v45
|
ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book.
IBM WebSphere ikeyman tool uses weak encryption
connections
|
encryption
|
WebSphere
|
password
|
database
|
ikeyman
|
store
|
tool
|
used
|
weak
|
uses
|
IBM
|
SSL
|
key
|
IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections.
Modifications to ACLs (Access Control Lists) in
Modifications
|
ACLs
|
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
Kabsoftware Lydia utility uses weak encryption
Kabsoftware
|
encryption
|
privileges
|
passwords
|
lydiaini
|
decrypt
|
utility
|
easily
|
allows
|
local
|
Lydia
|
users
|
store
|
which
|
gain
|
weak
|
file
|
uses
|
user
|
Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges.
Macromedia Dreamweaver uses weak encryption to
Dreamweaver
|
encryption
|
Macromedia
|
passwords
|
decrypt
|
easily
|
local
|
allow
|
other
|
users
|
store
|
which
|
could
|
weak
|
uses
|
FTP
|
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
Ipswitch IMail 5.0 and 6.0 uses weak encryption
encryption
|
passwords
|
attackers
|
accounts
|
registry
|
Ipswitch
|
allows
|
e-mail
|
local
|
IMail
|
store
|
which
|
weak
|
keys
|
uses
|
read
|
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
The Make-a-Store OrderPage shopping cart applic
Make-a-Store
|
information
|
application
|
OrderPage
|
sensitive
|
purchase
|
shopping
|
modify
|
allows
|
fields
|
hidden
|
remote
|
users
|
cart
|
form
|
via
|
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
The Protected Store in Windows 2000 does not pr
Protected
|
Windows
|
Store
|
The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.
PassWD 1.2 uses weak encryption (trivial encodi
encryption
|
PassWD
|
weak
|
uses
|
PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.
SawMill 5.0.21 uses weak encryption to store pa
SawMill
|
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
WFTPD and WFTPD Pro 2.41 allows remote attacker
WFTPD
|
Pro
|
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE).
WinU 5.x and earlier uses weak encryption to st
configuration
|
encryption
|
privileges
|
password
|
decrypt
|
earlier
|
allows
|
local
|
users
|
which
|
store
|
gain
|
weak
|
uses
|
WinU
|
its
|
WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.
CoffeeCup Direct and Free FTP clients useas wea
FTPServersini
|
encryption
|
attackers
|
passwords
|
CoffeeCup
|
decrypt
|
clients
|
Direct
|
easily
|
which
|
allow
|
could
|
useas
|
store
|
Free
|
file
|
weak
|
FTP
|
CoffeeCup Direct and Free FTP clients useas weak encryption to store passwords in the FTPServers.ini file, which could allow attackers to easily decrypt the passwords.
tradecli.dll in Arcadia Internet Store 1.0 allo
tradeclidll
|
parameter
|
template
|
attacker
|
Internet
|
request
|
service
|
Arcadia
|
device
|
MS-DOS
|
denial
|
remote
|
allows
|
Store
|
cause
|
name
|
via
|
URL
|
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.
tradecli.dll in Arcadia Internet Store 1.0 allo
tradeclidll
|
directory
|
discover
|
attacker
|
template
|
argument
|
Internet
|
working
|
Arcadia
|
allows
|
remote
|
Store
|
exist
|
does
|
file
|
path
|
full
|
URL
|
not
|
via
|
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist.
Intellisol Xpede 4.1 uses weak encryption to st
authentication
|
information
|
encryption
|
privileges
|
Intellisol
|
cookies
|
access
|
local
|
allow
|
Xpede
|
users
|
store
|
which
|
could
|
gain
|
uses
|
weak
|
Intellisol Xpede 4.1 uses weak encryption to store authentication information in cookies, which could allow local users with access to the cookies to gain privileges.
Alt-N Technologies Mdaemon 5.0 through 5.0.6 us
Technologies
|
through
|
Mdaemon
|
Alt-N
|
Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.
Cross-site scripting (XSS) vulnerability in mor
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id parameter.
Musicmatch 10.00.2047 and earlier store log fil
Musicmatch
|
Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information.
Cross-site scripting (XSS) vulnerability in sto
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Software vulnerabilities results 1 to 20 of 92
Page:
1
2
3
4
5
►