Total
29539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0752 | 1 Cgiscript.net | 1 Csmailto | 2025-04-03 | 5.0 MEDIUM | N/A |
| CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file. | |||||
| CVE-2005-2043 | 1 Xampp | 1 Apache Distribution | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | |||||
| CVE-2005-4622 | 1 Efilego | 1 Efilego | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... (triple dot) in (1) the URL on port 608 and (2) the argument to upload.exe. | |||||
| CVE-2000-0780 | 1 Ipswitch | 1 Imail | 2025-04-03 | 6.4 MEDIUM | N/A |
| The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2005-3821 | 1 Vtiger | 1 Vtiger Crm | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in vTiger CRM 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via multiple vectors, including the account name. | |||||
| CVE-2006-3151 | 1 Associated | 1 Associated Cms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter. | |||||
| CVE-2000-0073 | 1 Microsoft | 3 Windows 2000, Windows 98, Windows Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. | |||||
| CVE-1999-0541 | 2025-04-03 | 7.5 HIGH | N/A | ||
| A password for accessing a WWW URL is guessable. | |||||
| CVE-2004-0586 | 1 Ibm | 1 Acprunner | 2025-04-03 | 10.0 HIGH | N/A |
| acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods. | |||||
| CVE-2004-1285 | 1 Mplayer | 1 Mplayer | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. | |||||
| CVE-2004-0246 | 1 Laurent Adda | 1 Les Commentaires | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | |||||
| CVE-1999-1308 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges. | |||||
| CVE-2006-1492 | 1 Nikolay Avrionov | 1 Explorer Xp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrary files via the chemin parameter. | |||||
| CVE-2006-0712 | 1 Squishdot | 1 Squishdot | 2025-04-03 | 5.0 MEDIUM | N/A |
| mail_html template in Squishdot 1.5.0 and earlier does not properly validate the (1) email and (2) title variables, which allows remote attackers to bypass spam filters by injecting SMTP headers, probably due to a CRLF injection vulnerability. | |||||
| CVE-2001-0756 | 1 Virtualcart | 1 Virtualcatalog | 2025-04-03 | 7.5 HIGH | N/A |
| CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter. | |||||
| CVE-2005-4225 | 1 Mywebland | 1 Mybloggie | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple "potential" SQL injection vulnerabilities in myBloggie 2.1.3 beta might allow remote attackers to execute arbitrary SQL commands via (1) the category parameter in add.php, (2) the cat_desc parameter in addcat.php, (3) the level and user parameters in adduser.php, (4) the post_id parameter in del.php, (5) the cat_id parameter in delcat.php, (6) the comment_id parameter in delcomment.php, (7) the id parameter in deluser.php, (8) the post_id and category parameter in edit.php, (9) the cat_id and cat_desc parameters in editcat.php, and (10) the id, level, and user parameters in edituser.php. NOTE: the username/login.php vector is already identified by CVE-2005-2838. | |||||
| CVE-2000-0914 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | |||||
| CVE-2002-0949 | 1 Telindus | 1 Adsl Router | 2025-04-03 | 7.5 HIGH | N/A |
| Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext. | |||||
| CVE-2002-0534 | 1 Postboard | 1 Postboard | 2025-04-03 | 5.0 MEDIUM | N/A |
| PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags. | |||||
| CVE-2002-0834 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. | |||||