CVE-2004-2739

The setup routine setup.php in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors...

CVE-2004-2556

NetGear WG602 aka WG602v1 Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration...

PT-2004-2618 · Unknown · Blackice Server Protection +1

Name of the Vulnerable Software and Affected Versions: BlackICE PC Protection and Server Protection affected versions not specified Description: The issue allows local users to cause a denial of service or modify configuration due to the installation of certain files with Everyone Full Control...

osTicket setup.php Accessibility

The target is running at least one instance of an improperly secured installation of osTicket and allows access to setup.php. Since that script does not require authenticated access, it is possible for an attacker to modify osTicket's configuration using a specially crafted call to setup.php to...

Sphera HostingDirector 1.0/2.0/3.0 - VDS Control Panel Account Configuration Modification

source: https://www.securityfocus.com/bid/7896/info Sphera HostingDirector VDS Control Panel has been reported prone to a vulnerability where an attacker may make arbitrary account configuration modifications. It has been reported that an attacker, may connect to the HostingDirector server and...

CVE-2003-0240

The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // double slash...

CVE-2002-0599

Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen...

CVE-2002-0813

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service reset or modify configuration via a long filename...

CVE-2002-0599

Blahz-DNS 0.2 and earlier is affected by CVE-2002-0599. The vulnerability allows remote attackers to bypass authentication and modify DNS configuration by directly requesting CGI programs (e.g., dostuff.php) instead of using the login screen. Affected component is the authentication/config flow; ...

CVE-2002-1553

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist...

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf...

CVE-2002-1553

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist...

CVE-2002-2218

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system SIPS before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value...

CVE-2002-1080

The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as 1 srvstatus.chl, 2 consport.chl, 3 general.chl, 4 srvparam.chl, and 5 advanced.chl...

CVE-2002-0540

Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration...

CVE-2002-0202

PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to 1 obtain the encrypted server password via the world-readable oekakibbs.conf file, or 2 modify the server configuration via the world-writeable /oekaki/ folder...

CVE-2001-1290

The CVE-2001-1290 entry describes a vulnerability in Admin.cgi of Active Classifieds Free Edition 1.0 (and possibly commercial versions) where a remote attacker can modify configuration, gain privileges, and execute arbitrary Perl code through the table_width parameter. Affected component: admin....

CVE-2001-1290

admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the tablewidth parameter...

CVE-2001-0455

Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration...

CVE-1999-1255

Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an editfile action parameter...