ultimate software vulnerabilities

Searching ultimate software vulnerabilities

Cross-site scripting vulnerability in Infopop U

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field.

Cross-site scripting vulnerability in Infopop U

Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag.

register.php in Ultimate PHP Board (UPB) 1.0 an

registerphp | Ultimate | Board | PHP |

register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account name of admin with a lower case "a."

Cross-site scripting (XSS) vulnerability in Inf

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie.

The Amp II engine as used by Gore: Ultimate Sol

engine | used | Amp |

The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero byte UDP packet.

Cross-site scripting (XSS) vulnerability in vie

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the postorder parameter.

viewforum.php in Ultimate PHP Board (UPB) 1.8 t

viewforumphp | Ultimate | Board | PHP |

viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.

Gurgens (GASoft) Ultimate Forum 1.0 stores the

Gurgens |

Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords.

Ultimate PHP Board (UPB) 1.9.6 GOLD allows remo

Ultimate | Board | PHP |

Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (2) profile.php, or (3) newpost.php, which reveals the path in an error message.

Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak e

Ultimate | Board | PHP |

Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.

Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in default.asp in CyberShop Ultimate E-commerce allow remote attackers to inject arbitrary web script or HTML via the (1) ortak or (2) kat parameter.

Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

SQL injection vulnerability in index.pl in Ulti

SQL injection vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate eShop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the subid parameter.

The installation of Ultimate PHP Board (UPB) 1.

installation | Ultimate | Board | PHP |

The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default adminstrator login account and password, which allows remote attackers to gain privileges.

register.php in Ultimate PHP Board (UPB) 1.9.6

registerphp | Ultimate | Board | PHP |

register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the "[NR]" sequence in the signature field, which is used to separate multiple records.

Multiple SQL injection vulnerabilities in index

Multiple SQL injection vulnerabilities in index.asp in Ultimate Survey Pro allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) did parameter.

Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.asp in Ultimate HelpDesk allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

Directory traversal vulnerability in getfile.as

Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

Direct static code injection vulnerability in c

Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and earlier allows remote attackers to inject arbitrary PHP code via the username parameter, which is injected into chat/text.php.

Software vulnerabilities results 1 to 20 of 34

Page: 12 ►

ultimate software vulnerabilities

vulnerabilities.aspcode.net

Searching ultimate software vulnerabilities