Searching super h software vulnerabilities

super 3.11.6 and other versions have a buffer o

super |

super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.


Format string vulnerability in Hylafax on FreeB

vulnerability | specifiers | arbitrary | argument | hostname | execute | Hylafax | FreeBSD | Format | string | allows | users | local | code | via |

Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.


Buffer overflow in ClanLib library 0.5 may allo

arbitrary | overflow | execute | library | ClanLib | Buffer | games | users | allow | local | such | code | use | may |

Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as (1) Super Methane Brothers, (2) Star War, (3) Kwirk, (4) Clankanoid, and others, via a long HOME environment variable.


Lotus Domino Web Server (nhttp.exe) before 6.0.

Server | Domino | Lotus | Web |

Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.


H-Sphere WebShell 2.3 allows remote attackers t

metacharacters | attackers | arbitrary | commands | WebShell | H-Sphere | execute | allows | remote | shell | via |

H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request.


Format string vulnerability in super before 3.2

vulnerability | before | Format | string | super |

Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.


X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.

Broadband | X-Micro | Router | WLAN | 11b |

X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, which could allow remote attackers to gain access.


NetGear WG602 (aka WG602v1) Wireless Access Poi

NetGear | WG602 |

NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration.


H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sens

H-Sphere | Winbox |

H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges.


SQL injection vulnerability in ZixForum 1.12 al

vulnerability | injection | ZixForum | SQL |

SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp.


NETGEAR WGT624 Wireless DSL router has a defaul

super_username | configuration | super_passwd | "Gearguy" | attackers | "Geardog" | Wireless | NETGEAR | default | account | allows | remote | router | WGT624 | modify | which | has | DSL |

NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. NOTE: a followup post has suggested that this might not occur with all WGT624 routers.


Buffer overflow in man and mandb (man-db) 2.4.3

overflow | Buffer | mandb | man |

Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary code via crafted arguments to the -H flag.


admin/index.php in Longino Jacome php-Revista 1

admin/indexphp | php-Revista | Longino | Jacome |

admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1.


Cross-site scripting (XSS) vulnerability in Sup

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Super Link Exchange Script 1.0 allows remote attackers to inject arbitrary web script or HTML via IMG tags in the search box.


SQL injection vulnerability in directory.php in

vulnerability | directoryphp | attackers | arbitrary | injection | parameter | Exchange | queries | execute | remote | Script | Super | might | allow | Link | SQL | cat | via |

SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter.


Directory traversal vulnerability in make_thumb

make_thumbnailphp | vulnerability | sequences | attackers | arbitrary | traversal | Directory | parameter | Exchange | imgpath | allows | Script | remote | Super | files | read | Link | via |

Directory traversal vulnerability in make_thumbnail.php in Super Link Exchange Script 1.0 allows remote attackers to read arbitrary files via ".." sequences in the imgpath parameter.


Unspecified vulnerability in PHP before 5.2.1 a

vulnerability | Unspecified | before | PHP |

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.


manage-admins.php in eSyndiCat Pro 1.x allows r

manage-adminsphp | administrative | unspecified | additional | parameters | new_pass2 | eSyndiCat | attackers | new_pass | accounts | modified | username | certain | action | status | create | remote | allows | impact | super | other | have | add | via | Pro |

manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, new_pass, new_pass2, status, super, and certain other parameters in an add action.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to (a) chat.php, (2) LANG[DEFAULT_BRANDING] and (3) PHPLIVE_VERSION parameters to (b) help.php, the (4) admin[name] parameter to (c) admin/header.php, and the (5) BASE_URL parameter to (d) super/info.php, and in some cases, the LANG[DEFAULT_BRANDING], PHPLIVE_VERSION, and (6) nav_line parameters to setup/footer.php, different vectors than CVE-2006-6769.


Multiple directory traversal vulnerabilities in

vulnerabilities | Mailguard | traversal | directory | Multiple | Maia |

Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php.


Software vulnerabilities results 1 to 20 of 91     
Page: 12345