Total
29549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0265 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php for Php-Nuke 6.x-7.1.0 allows remote attackers to execute arbitrary script as other users via URL-encoded (1) title or (2) fname parameters in the News or Reviews modules. | |||||
| CVE-2005-3940 | 1 Greywyvern | 1 Orca Ringmaker | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. | |||||
| CVE-2004-2505 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | 5.0 MEDIUM | N/A |
| Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service (memory consumption and crash) by sending repeated GET or POST requests that trigger error messages that use long strings of data. | |||||
| CVE-2006-1536 | 1 Phoetux.net | 1 Phxcontacts | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) motclef and (2) nbr_line_view parameters in (a) carnet.php, and the (3) id_contact parameter in (b) contact_view.php. | |||||
| CVE-2003-0254 | 1 Apache | 1 Http Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. | |||||
| CVE-2005-3230 | 1 Panda | 1 Activescan | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2002-2054 | 1 Teekai | 1 Teekai Forum | 2025-04-03 | 7.5 HIGH | N/A |
| TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin. | |||||
| CVE-2002-0691 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 5.5 allows remote attackers to execute scripts in the Local Computer zone via a URL that references a local HTML resource file, a variant of "Cross-Site Scripting in Local HTML Resource" as identified by CAN-2002-0189. | |||||
| CVE-2005-4143 | 1 Lyris | 1 List Manager | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Lyris ListManager 5.0 through 8.9a allows remote attackers to execute arbitrary SQL commands via SQL code after a numeric argument to a /read/attachment URL. | |||||
| CVE-2004-1391 | 1 Qnx | 2 Rtos, Rtp | 2025-04-03 | 4.6 MEDIUM | N/A |
| Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program. | |||||
| CVE-2006-4376 | 1 Guder Und Koch Netzwerktechnik | 1 Eichhorn Portal | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module. | |||||
| CVE-1999-0816 | 1 Motorola | 1 Motorola Cablerouter | 2025-04-03 | 10.0 HIGH | N/A |
| The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024. | |||||
| CVE-2002-0056 | 1 Microsoft | 1 Sql Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection. | |||||
| CVE-2004-1179 | 1 Debian | 1 Debmake | 2025-04-03 | 2.1 LOW | N/A |
| The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories. | |||||
| CVE-2005-1972 | 1 Interactivephp | 1 Fusionbb | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie. | |||||
| CVE-2001-0961 | 1 John E. Davis | 1 Most | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most. | |||||
| CVE-2005-2403 | 1 Realchat | 1 Realchat | 2025-04-03 | 5.0 MEDIUM | N/A |
| The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username. | |||||
| CVE-2006-4993 | 1 Allmyguests Project | 1 Allmyguests | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _AMGconfig[cfg_serverpath] parameter in (1) modules/AllMyGuests/signin.php (aka the Nuke module) and (2) AllMyGuests/signin.php (aka the standalone). | |||||
| CVE-2004-0708 | 1 Moinmoin | 1 Moinmoin | 2025-04-03 | 7.5 HIGH | N/A |
| MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges. | |||||
| CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | |||||