viewed software vulnerabilities
vulnerabilities.aspcode.net
Searching viewed software vulnerabilities
Cross-site scripting (CSS) vulnerability in Val
Cross-site
|
scripting
|
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.
The log files in Apache web server contain info
information
|
characters
|
addresses
|
attackers
|
directly
|
requests
|
supplied
|
programs
|
control
|
clients
|
contain
|
viewed
|
remote
|
Apache
|
source
|
server
|
filter
|
spoof
|
allow
|
quote
|
files
|
could
|
which
|
logs
|
such
|
UNIX
|
tail
|
HTTP
|
hide
|
does
|
grep
|
cat
|
not
|
web
|
log
|
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
ICQ 2001b Build 3659 allows remote attackers to
Build
|
2001b
|
ICQ
|
ICQ 2001b Build 3659 allows remote attackers to cause a denial of service (crash) via a malformed picture that contains large height and width values, which causes the crash when viewed in Userdetails.
ACDSee 4.0 allows remote attackers to cause a d
attackers
|
service
|
denial
|
ACDSee
|
allows
|
remote
|
cause
|
ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed.
VIM before 6.3 and gVim before 6.3 allow local
containing
|
arbitrary
|
commands
|
modeline
|
executed
|
options
|
crafted
|
execute
|
viewed
|
before
|
users
|
local
|
allow
|
using
|
such
|
file
|
gVim
|
VIM
|
via
|
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu.
Keychain Access in Mac OS X 10.4.2 and earlier
Keychain
|
Access
|
Mac
|
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
Horde IMP 4.0.4 and earlier does not sanitize s
Horde
|
IMP
|
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
Stack-based buffer overflow in Sami FTP Server
Stack-based
|
overflow
|
Server
|
buffer
|
Sami
|
FTP
|
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
Cross-site scripting vulnerability in E-Blah Pl
vulnerability
|
Cross-site
|
attackers
|
arbitrary
|
scripting
|
Platinum
|
referer
|
allows
|
script
|
remote
|
E-Blah
|
inject
|
HTML
|
via
|
web
|
Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log".
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi.
Cross-site scripting (XSS) vulnerability in IpL
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the User-Agent (useragent) header in an HTTP request, which is not filtered when the log files are viewed.
Cross-site scripting (XSS) vulnerability in Bla
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook.
PHP remote file inclusion vulnerability in incl
includes/functions_user_viewed_postsphp
|
phpbb_root_path
|
vulnerability
|
parameter
|
attackers
|
inclusion
|
arbitrary
|
Tracker
|
earlier
|
Nivisec
|
execute
|
allows
|
Viewed
|
remote
|
module
|
phpBB
|
Posts
|
code
|
User
|
file
|
PHP
|
via
|
URL
|
PHP remote file inclusion vulnerability in includes/functions_user_viewed_posts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets that are not properly filtered when viewed with Microsoft Internet Explorer.
Software vulnerabilities results 1 to 16 of 16
Page:
1