DUportal Pro 3.4 - result.asp Multiple SQL Injections
Source: https://www.securityfocus.com/bid/13285/info. DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit...
CVE-2002-0668
The CVE-2002-0668 issue affects Pingtel xpressa SIP phones (software versions 1.2.5–1.2.7.4). A web interface vulnerability allows an authenticated user to modify Call Forwarding settings, hijacking calls by redirecting them to another SIP URL or number. The root cause is exposure of administrati...
CVE-1999-1420
The CVE-1999-1420 entry concerns NBase switches NH2012, NH2012R, NH2015, and NH2048 which expose a back door password that cannot be disabled. This backdoor allows remote attackers to modify the switch configuration. The connected documents confirm affected models and the nature of the vulnerabil...
CVE-1999-0852
CVE-1999-0852 concerns IBM WebSphere, where permissions are misconfigured to let a local user modify a deinstallation script or its data files located in /usr/bin. The vulnerability is categorized as local with medium-high impact (as per NVD metrics: local access, low complexity, no authenticatio...
CVE-1999-0901
CVE-1999-0901 affects the ypserv component (noted as ypserv 4.1-4 in some feeds). The description across Red Hat and CVE records states that a local user can modify the GECOS field and login shells of other users, indicating an unauthorized local privilege impact. The Red Hat/Red Hat-linked entri...
CVE-1999-0902
CVE-1999-0902 affects ypserv (noted in multiple feeds, including CBLMARINER and PT-1999-1448); the vulnerability enables local administrators to modify password tables. Affected package/version cited: ypserv 4.1-4. The core issue is improper handling that allows a local privileged user to...