Searching web software vulnerabilities

HP Secure Web Console uses weak encryption.

encryption | Console | Secure | weak | uses | Web |

HP Secure Web Console uses weak encryption.


Falcon web server allows remote attackers to de

attackers | determine | absolute | Falcon | server | allows | remote | names | long | file | path | root | web | via |

Falcon web server allows remote attackers to determine the absolute path of the web root via long file names.


Groupwise web server GWWEB.EXE allows remote at

attackers | determine | parameter | Groupwise | GWWEBEXE | server | allows | remote | HELP | path | real | web | via |

Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.


surfCONTROL SuperScout does not properly asign

surfCONTROL | SuperScout | properly | category | asign | sites | does | not | web |

surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions.


The sample Java servlet "test" in Bajie HTTP we

pathname | document | reveals | servlet | server | sample | "test" | Bajie | real | HTTP | Java | 030a | root | web |

The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.


Voyager web server 2.01B in the demo disks for

Voyager | server | disks | demo | 201B | QNX | web |

Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information.


Vulnerability in iPlanet Web Server Enterprise

Vulnerability | Enterprise | Edition | iPlanet | Server | Web |

Vulnerability in iPlanet Web Server Enterprise Edition 4.x.


Cross-site scripting vulnerability in PowerBASI

vulnerability | PowerBASIC | Cross-site | arbitrary | attackers | scripting | browsers | pbcgicgi | included | execute | script | remote | server | allows | other | Lil' | HTTP | via | web |

Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.


SonicWall Content Filtering allows local users

prohibited | SonicWall | Filtering | requests | Content | instead | address | domain | site's | allows | access | users | sites | local | name | web | via |

SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name.


web-tools in SAP DB before 7.4.03.30 allows rem

web-tools | before | SAP |

web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.


The Web Database Manager in web-tools for SAP D

web-tools | Database | Manager | before | SAP | Web |

The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.


Caucho Technology Resin 2.1.12 allows remote at

Technology | Caucho | Resin |

Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.


Mozilla Firefox 0.9.1 and 0.9.2 allows remote w

Firefox | Mozilla |

Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.


Multiple cross-site scripting vulnerabilities i

vulnerabilities | Application | cross-site | scripting | Multiple | Gallery | Image | Web |

Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML.


Cross-site scripting (XSS) vulnerability in the

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.


Cross-site scripting (XSS) vulnerability in Dev

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.


Unspecified vulnerability in Hitachi Web Page G

vulnerability | Unspecified | Enterprise | Generator | Hitachi | Page | Web |

Unspecified vulnerability in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier allows remote attackers to cause a denial of service via unknown attack vectors when a web site is "improperly accessed."


Dev-Editor 3.0 allows remote attackers to acces

Dev-Editor | directory | substring | attackers | outside | access | remote | allows | whose | root | name | any | web |

Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name.


Unspecified vulnerability in Macromedia JRun 4

vulnerability | Unspecified | Macromedia | server | JRun | web |

Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL."


Cross-site scripting (XSS) vulnerability in Gro

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.


Software vulnerabilities results 1 to 20 of 4483     
Page: 12345...225