682 matches found
Axis Network Camera 2.x - HTTP Authentication Bypass
source: https://www.securityfocus.com/bid/7652/info A vulnerability has been discovered in various Axis Communications products. By making a request for a specially formatted URL, it may be possible for remote users to access the administrative configuration interface without being prompted for...
CVE-2002-1440
The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges...
Zeus Web Server 4.04.1 - Admin Interface Cross-Site Scripting
Zeus Web Server 4.04.1 - Admin Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/6144/info The Zeus Web Server contains a web based administration interface that is vulnerable to cross site scripting attacks. Due to insufficient sanitization of user-supplied input it is...
HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability
Techserve, Inc. www.tech-serve.com Security Advisory Advisory Name: HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability Release Date: 09/23/2002 Platform: HP Procurve 4000M Switch J4121A Application: Firmware revision C.09.13 Current Severity: Multiple reset requests may deny use of stacked...
Cisco Content Service Switch unauthorized access
It's possible to access administrative interface without authentication...
Sun AnswerBook2 1.x - Unauthorized Administrative Script Access
source: https://www.securityfocus.com/bid/5383/info Sun Microsystems AnswerBook2 allows users to view Sun documentation through a web browser, and is available for Solaris. AnswerBook2 includes an administrative web interface. Reportedly, it is possible to access these scripts without...
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access source: https://www.securityfocus.com/bid/5276/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. BadBlue does not sufficiently...
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access
source: https://www.securityfocus.com/bid/5276/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. BadBlue does not sufficiently control access to the administrative interface. It is possible to remotely add the...
CVE-2001-1252
Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs 1 console, 2 cs, 3 multiconfig and 4 directory...
Ruslan Communications BodyBuilder - Authentication Bypass
Ruslan Communications BodyBuilder - Authentication Bypass source: https://www.securityfocus.com/bid/5008/info Ruslan Communications Builder is a tool designed to assist a user in creating a website. It allows for remote administration through a web interface, and is implemented in Java. Reportedl...
Critical Path InJoin Directory Server 4.0 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/4717/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory is provided for Microsoft Windows operating systems and Unix variants. HTML code is not filtered from URL parameters that are...
EServ 2.9x - Password-Protected File Access
EServ 2.9x - Password-Protected File Access source: https://www.securityfocus.com/bid/3838/info EServ is a combination Mail, News, Web, FTP and Proxy Server for Microsoft Windows 9x/NT/2000 systems. It is possible to construct a web request which is capable of accessing the contents of password...
EServ 2.9x - Password-Protected File Access
source: https://www.securityfocus.com/bid/3838/info EServ is a combination Mail, News, Web, FTP and Proxy Server for Microsoft Windows 9x/NT/2000 systems. It is possible to construct a web request which is capable of accessing the contents of password protected files/folders on the webserver, suc...
Несоклько проблем в Lotus Domino (protection bypass)
Различные уязвимости включая частичный удаленный доступ к административному интерфейсу...
CVE-2001-1252
Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs 1 console, 2 cs, 3 multiconfig and 4 directory...
CVE-2000-0862
Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information...
ScreenOS 1.73/2.x - Firewall Denial of Service
source: https://www.securityfocus.com/bid/2176/info NetScreen Firewall is a network appliance used to secure against intruders and various types of attacks to a network. NetScreen has a Web administrative Interface WebUI used to configure and set the firewall settings. It is possible to cause a...
CVE-2000-0988
WinU 1.0 through 5.1 has a backdoor password that allows remote attackers to gain access to its administrative interface and modify configuration...
Lyris List Manager Administration Hole
Versions 3 and 4 of the Lyris List Manager allow any mailing list subscriber to gain access to the administrative interface of that list. After a user has logged in, they may modify the generated web page as follows to gain access: Save the html to disk, and add the full path to the server into t...
Дырка в Lyris List Manager
Возможен доступ к административному интерфейсу путем локальной модификации Wev-страницы...