1234 matches found
Design/Logic Flaw
The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...
CVE-2008-1886
The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...
Sql injection
SQL injection vulnerability in account/index.php in TopperMod 2.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism...
Directory traversal
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...
CVE-2008-0923
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...
CVE-2008-0923
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...
CVE-2007-6552
Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/adminusers.php to bypass a protection...
Directory traversal
Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/adminusers.php to bypass a protection...
CVE-2007-6552
Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/adminusers.php to bypass a protection...
Format string
frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...
CVE-2007-6056
The CVE-2007-6056 entry describes a vulnerability in frame.html of Aida-Web where remote attackers can bypass a protection mechanism and access comment and task details by modifying the Mehr and SUPER parameters. Documents consistently identify Aida-Web as affected and the root cause as improper ...
CVE-2007-6056
frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...
Cross site scripting
Microsoft Internet Explorer 7 and earlier allows remote attackers to bypass the "File Download - Security Warning" dialog box and download arbitrary .exe files by placing a '?' question mark followed by a non-.exe filename after the .exe filename, as demonstrated by 1 .txt, 2 .cda, 3 .log, 4 .dif...
CVE-2006-4592
Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows remote attackers to conduct SQL injection attacks via "" characters in the id parameter, which are not filtered by the protection mechanism...