Searching under software vulnerabilities

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0

information | nonexistent | sensitive | extension | attacker | requests | servlet | Jakarta | reveals | remote | Tomcat | Apache | system | Snoop | under | snp | URL |

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.


Acme mini_httpd before 1.16 allows remote attac

mini_httpd | before | Acme |

Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.


Kebi WebMail allows remote attackers to access

administrator | privileges | attackers | installed | directory | document | WebMail | remote | allows | hidden | access | under | which | gain | menu | root | Kebi | web | via | /a/ |

Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.


Vulnerability in screen before 3.9.10, related

Vulnerability | before | screen |

Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.


MidiCart stores the midicart.mdb database file

midicartmdb | information | requesting | sensitive | attackers | document | directly | database | MidiCart | remote | stores | allows | under | steal | which | file | root | Web |

MidiCart stores the midicart.mdb database file under the Web document root, which allows remote attackers to steal sensitive information by directly requesting the database.


eUpload 1.0 stores the password.txt password fi

passwordtxt | attackers | plaintext | overwrite | arbitrary | document | password | eUpload | reading | remote | stores | allows | files | under | which | root | file | web |

eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.


TightAuction 3.0 stores config.inc under the we

insufficient | TightAuction | configinc | attackers | document | username | password | database | control | remote | obtain | allows | stores | access | under | which | root | web |

TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.


SQL injection vulnerability in auth.php in Land

vulnerability | injection | authphp | Under | Down | Land | SQL |

SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands.


Uapplication Uguestbook stores the database und

guestbookmdb | Uapplication | information | Uguestbook | attackers | sensitive | document | database | request | obtain | direct | stores | allows | remote | under | which | root | via | web |

Uapplication Uguestbook stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to guestbook.mdb.


Uapplication Ublog Reload stores the database u

Uapplication | information | attackers | sensitive | document | database | blogmsb | request | remote | obtain | allows | Reload | stores | direct | Ublog | under | which | root | via | web |

Uapplication Ublog Reload stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to blog.msb.


Uapplication Uphotogallery stores the database

uphotogallerymdb | Uphotogallery | Uapplication | information | attackers | sensitive | document | database | request | obtain | direct | stores | allows | remote | under | which | root | via | web |

Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb.


CodeThat ShoppingCart 1.3.1 stores config.ini u

ShoppingCart | CodeThat |

CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request.


Keyvan1 ImageGallery stores the image.mdb datab

insufficient | ImageGallery | information | sensitive | attackers | document | imagemdb | database | control | Keyvan1 | allows | obtain | remote | stores | access | under | which | root | web |

Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.


Cross-site scripting (XSS) vulnerability in Lan

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature.


eyeOS 0.8.4 stores usrinfo.xml under the web do

eyeOS |

eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials.


phpWebFTP 3.2 and earlier stores script.js unde

insufficient | information | sensitive | attackers | phpWebFTP | document | scriptjs | control | earlier | allows | obtain | remote | stores | access | under | which | root | web |

phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.


Bitrix Site Manager 4.1.x stores updater.log un

insufficient | information | updaterlog | attackers | sensitive | document | control | Manager | remote | allows | access | stores | Bitrix | obtain | under | which | Site | root | 41x | web |

Bitrix Site Manager 4.1.x stores updater.log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.


A-CART 2.0 stores the acart2_0.mdb file under t

insufficient | acart2_0mdb | information | attackers | document | password | username | control | allows | obtain | remote | A-CART | stores | access | which | under | root | file | web |

A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information.


Efone 20000723 stores config.inc under the web

Efone |

Efone Sunday, July 23, 2000 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information.


registroTL stores sensitive information under t

/usuariosdat | insufficient | information | registroTL | attackers | sensitive | download | database | request | control | access | stores | direct | allows | remote | which | under | root | web | via |

registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat.


Software vulnerabilities results 1 to 20 of 336     
Page: 12345...17