Searching top software vulnerabilities

Internet Anywhere POP3 Mail Server 2.3.1 allows

Anywhere | Internet | Server | Mail | POP3 |

Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread.


SQL injection vulnerability in index.php in Inv

vulnerability | arbitrary | parameter | injection | attackers | comments | indexphp | Invision | execute | earlier | action | remote | allows | Power | List | Site | SQL | Top | via |

SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.


Microsoft Outlook Express 6.0 allows remote att

restrictions | facilitate | attackers | arbitrary | Microsoft | intended | phishing | sources | Outlook | attacks | context | content | Express | bypass | allows | remote | "_top" | target | access | "BASE | HREF" | load | into | via | set |

Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".


SQL injection vulnerability in the Top module f

vulnerability | attackers | arbitrary | querylang | injection | parameter | commands | PHP-Nuke | through | execute | module | allows | remote | SQL | Top | via |

SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter.


PHP file inclusion vulnerability in top_graph_h

config[library_path] | top_graph_headerphp | vulnerability | arbitrary | attackers | inclusion | parameter | versions | possibly | execute | earlier | remote | allows | Cacti | file | code | 086d | PHP | via |

PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.


Unspecified vulnerability in Sun Java System Ac

authentication | administrator | vulnerability | Unspecified | privileges | top-level | amadmin | Manager | "root" | bypass | logged | Access | System | allows | users | local | tool | Java | gain | CLI | via | Sun |

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool.


PHP remote file inclusion vulnerability in inde

PixelArtKingdom | vulnerability | parameter | attackers | arbitrary | inclusion | indexphp | include | execute | allows | remote | files | sites | page | file | PHP | Top | via |

PHP remote file inclusion vulnerability in index.php in Top sites de PixelArtKingdom allows remote attackers to include and execute arbitrary files via the page parameter.


Multiple SQL injection vulnerabilities in index

vulnerabilities | injection | indexphp | Musicbox | Multiple | SQL |

Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start parameter in a search action or (2) type parameter in a top action.


PHP remote file inclusion vulnerability in top/

vulnerability | top/listphp | inclusion | TopList | remote | phpBB | file | PHP |

PHP remote file inclusion vulnerability in top/list.php in phpBB TopList 1.3.8 and earlier allows remote attackers to include arbitrary files via the returnpath parameter.


CodeMunkyX (aka free-php.net) Simple Poll 1.0,

CodeMunkyX |

CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is not required for the admin directory, allows remote attackers to gain administrative privileges by appending /admin/ to the top-level URI of the application.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter.


SQL injection vulnerability in Shalwan MusicBox

vulnerability | injection | MusicBox | Shalwan | SQL |

SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter in a viewgallery action in a request for the top-level URI. NOTE: the start parameter/search action is already covered by CVE-2006-1807, and the show parameter/top action is already covered by CVE-2006-1360.


Check Point FireWall-1 allows remote attackers

certificate | FireWall-1 | revocation | attackers | obtain | allows | remote | lists | Check | Point |

Check Point FireWall-1 allows remote attackers to obtain certificate revocation lists (CRLs) and other unspecified sensitive information via an HTTP request for the top-level URI on the internal certificate authority (ICA) port (18264/tcp).


Unspecified vulnerability in MERCUR Messaging 2

vulnerability | Unspecified | Messaging | MERCUR |

Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a TOP command to the POP3 service.


PHP remote file inclusion vulnerability in inde

vulnerability | index/mainphp | inclusion | remote | Aztek | Forum | file | PHP |

PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter.


Portal Search allows remote attackers to redire

attackers | arbitrary | top-level | redirect | placing | Portal | string | Search | allows | remote | query | site | URI | URL | web |

Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI.


SQL injection vulnerability in EfesTECH Haber 5

vulnerability | arbitrary | attackers | parameter | top-level | injection | EfesTECH | commands | execute | allows | remote | Haber | URI | SQL | via |

SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to the top-level URI.


SQL injection vulnerability in category.php in

vulnerability | categoryphp | attackers | arbitrary | injection | parameter | commands | execute | remote | PHP123 | allows | Sites | cat | SQL | Top | via |

SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter.


Unrestricted file upload vulnerability in banne

banner-uploadphp | vulnerability | Unrestricted | arbitrary | attackers | banners/ | execute | allows | upload | Szymon | remote | files | Kosok | file | Best | List | Top | PHP |

Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/.


Software vulnerabilities results 1 to 20 of 56     
Page: 123