Total
29549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3560 | 1 Blue Dojo | 1 Graffiti Forums | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote attackers to execute arbitrary SQL commands via the f parameter. | |||||
| CVE-2006-0555 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O). | |||||
| CVE-2004-0697 | 1 4d | 1 Webstar | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information. | |||||
| CVE-2004-1397 | 1 Usemod | 1 Usemodwiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl. | |||||
| CVE-2001-0218 | 1 Martin Stover | 1 Mars Nwe | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2006-2042 | 1 Adobe | 1 Dreamweaver | 2025-04-03 | 7.5 HIGH | N/A |
| Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models. | |||||
| CVE-2004-0070 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-4530 | 1 Alstrasoft | 1 Epay | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm, (4) subscriptions.htm, (5) send.htm, (6) request.htm, (7) forgot.htm, (8) escrow.htm, (9) donations.htm, and (10) products.htm. | |||||
| CVE-2004-0820 | 1 Nullsoft | 1 Winamp | 2025-04-03 | 4.6 MEDIUM | N/A |
| Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. | |||||
| CVE-2005-0698 | 1 Jason Hines | 1 Phpweblog | 2025-04-03 | 4.6 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code. | |||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2025-04-03 | 4.6 MEDIUM | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | |||||
| CVE-2001-1509 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges. | |||||
| CVE-2002-0496 | 1 Southwest | 1 Southwest | 2025-04-03 | 5.0 MEDIUM | N/A |
| The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002. | |||||
| CVE-2004-2435 | 1 Peoplesoft | 1 Hrms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified (1) debugging or (2) utility scripts. | |||||
| CVE-2006-0181 | 1 Cisco | 1 Cs-mars | 2025-04-03 | 7.2 HIGH | N/A |
| Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command. | |||||
| CVE-2000-0630 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability. | |||||
| CVE-2001-0275 | 1 Moby | 1 Netsuite Web Server | 2025-04-03 | 2.1 LOW | N/A |
| Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. | |||||
| CVE-2004-0047 | 1 Yamamoto Hirotaka | 1 Trr19 | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges. | |||||
| CVE-2004-1801 | 1 Pwebserver | 1 Pwebserver Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PWebServer 0.3.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2004-1035 | 1 Imap Proxy | 1 Imap Proxy | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that are not properly handled when using the IMAP_Line_Read function. | |||||