Searching user profileasp software vulnerabilities

wu-ftpd FTP daemon allows any user and password

combination | password | wu-ftpd | allows | daemon | user | FTP | any |

wu-ftpd FTP daemon allows any user and password combination.


finger .@host on some systems may print informa

information | accounts | systems | finger | print | @host | user | some | may |

finger .@host on some systems may print information on some user accounts.


HP Remote Watch allows a remote user to gain ro

allows | access | Remote | Watch | root | user | gain |

HP Remote Watch allows a remote user to gain root access.


A Windows NT local user or administrator accoun

administrator | guessable | password | account | Windows | local | user | has |

A Windows NT local user or administrator account has a guessable password.


A Windows NT domain user or administrator accou

administrator | guessable | password | account | Windows | domain | user | has |

A Windows NT domain user or administrator account has a guessable password.


A system does not present an appropriate legal

appropriate | accessing | message | present | warning | system | legal | user | does | not |

A system does not present an appropriate legal message or warning to a user who is accessing it.


Netscape Navigator uses weak encryption for sto

encryption | Navigator | Netscape | password | storing | user's | uses | mail | weak |

Netscape Navigator uses weak encryption for storing a user's Netscape mail password.


glFtpD includes a default glftpd user account w

password | includes | account | default | glFtpD | user | UID |

glFtpD includes a default glftpd user account with a default password and a UID of 0.


NetZero 3.0 and earlier uses weak encryption fo

information | encryption | password | storing | NetZero | decrypt | earlier | allows | user's | local | login | which | uses | weak | user |

NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.


EFTP 2.0.7.337 stores user passwords in plainte

EFTP |

EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.


Unknown vulnerabilities in strnlen_user for Lin

vulnerabilities | strnlen_user | Unknown | kernel | before | Linux |

Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.


One-Time Passwords In Everything (a.k.a OPIE) 2

Everything | Passwords | One-Time |

One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.


Cross-site scripting vulnerabilities in ASP-Nuk

vulnerabilities | privileges | Cross-site | attackers | scripting | ASP-Nuke | execute | earlier | script | remote | other | users | allow | gain | via | RC2 |

Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp.


user_profile.asp in PortalApp 2.2 allows local

user_profileasp | privileges | modifying | PortalApp | variable | user_id | allows | local | users | gain |

user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.


CiscoWorks Common Management Foundation (CMF) 2

Management | Foundation | CiscoWorks | Common |

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.


SQL injection vulnerability in PD9 Software Meg

vulnerability | arbitrary | attackers | injection | commands | Software | execute | MegaBBS | allows | remote | via | SQL | PD9 |

SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp.


Multiple SQL injection vulnerabilities in ASPBB

vulnerabilities | arbitrary | attackers | injection | commands | Multiple | execute | remote | ASPBB | allow | via | SQL |

Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.


DeluxeBB 1.07 and earlier does not properly han

DeluxeBB |

DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the "space" user, post as the guest user, and block the ability of an administrator to ban the "space" user.


wp-admin/user-edit.php in WordPress before 2.0.

wp-admin/user-editphp | WordPress | before |

wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.


Mail in Apple iPhone 1.1.1 allows remote user-a

iPhone | Apple | Mail |

Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make calls to arbitrary telephone numbers via a "tel:" link, which does not prompt the user before dialing the number.


Software vulnerabilities results 1 to 20 of 1887     
Page: 12345...95