Total
29549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2739 | 1 Epic Designs | 1 Tinybb | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter. | |||||
| CVE-2001-0484 | 1 Tek | 1 Phaserlink | 2025-04-03 | 6.4 MEDIUM | N/A |
| Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the pages. | |||||
| CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | |||||
| CVE-2006-0201 | 1 Paypal | 1 Php Toolkit | 2025-04-03 | 5.0 MEDIUM | N/A |
| Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php. | |||||
| CVE-2002-1965 | 1 Imatix | 1 Xitami | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request. | |||||
| CVE-2004-2542 | 1 Dynix | 1 Webpac | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases. | |||||
| CVE-2000-0507 | 1 Concatus | 1 Imate Webmail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command. | |||||
| CVE-2006-2496 | 1 Novell | 2 Edirectory, Imonitor | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors. | |||||
| CVE-2005-1088 | 1 Dameware Development | 2 Mini Remote Control, Nt Utilities | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights. | |||||
| CVE-2001-0288 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2005-0734 | 1 Py Software | 1 Active Webcam | 2025-04-03 | 5.0 MEDIUM | N/A |
| PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (memory exhaustion and process crash) via a large number of HTTP requests. | |||||
| CVE-2006-4287 | 2 Nes Game, Nes System | 2 Nes Game, Nes System | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in NES Game and NES System c108122 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) phphtmllib parameter to (a) phphtmllib/includes.php; tag_utils/ scripts including (b) divtag_utils.php, (c) form_utils.php, (d) html_utils.php, and (e) localinc.php; and widgets/ scripts including (f) FooterNav.php, (g) HTMLPageClass.php, (h) InfoTable.php, (i) localinc.php, (j) NavTable.php, and (k) TextNav.php. | |||||
| CVE-2002-1947 | 1 Webmin | 1 Webmin | 2025-04-03 | 6.4 MEDIUM | N/A |
| Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | |||||
| CVE-2005-1379 | 1 Mandrakesoft | 1 Mandrake Lam-runtime | 2025-04-03 | 4.6 MEDIUM | N/A |
| The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges. | |||||
| CVE-2002-1558 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 10.0 HIGH | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet. | |||||
| CVE-2003-0500 | 1 Proftpd Project | 1 Proftpd | 2025-04-03 | 10.0 HIGH | N/A |
| SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name. | |||||
| CVE-2006-2326 | 1 Onlyscript.info | 1 Online Universal Payment System Script | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to read arbitrary files via directory traversal sequences in the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2003-0345 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required. | |||||
| CVE-2000-0247 | 1 Gnqs | 1 Gnqs | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges. | |||||
| CVE-2004-1061 | 1 Mozilla | 1 Bugzilla | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter. | |||||