Total
29557 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1366 | 1 Pico Server | 1 Pico Server | 2025-04-03 | 7.5 HIGH | N/A |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL. | |||||
| CVE-1999-1281 | 1 Winddance Networks Corporation | 1 Breeze Network Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. | |||||
| CVE-2005-0381 | 1 Forumkit | 1 Forumkit | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter. | |||||
| CVE-2006-4721 | 1 Ccleague | 1 Pro Sports Cms | 2025-04-03 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP code via a log file. | |||||
| CVE-2005-2411 | 1 Tdiary | 1 Tdiary | 2025-04-03 | 5.1 MEDIUM | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user. | |||||
| CVE-2006-0960 | 1 Compex | 1 Netpassage Wpe54g | 2025-04-03 | 5.0 MEDIUM | N/A |
| uConfig agent in Compex NetPassage WPE54G router allows remote attackers to cause a denial of service (unresposiveness) via crafted datagrams to UDP port 7778. | |||||
| CVE-2004-1625 | 1 Pgina | 1 Pgina | 2025-04-03 | 5.0 MEDIUM | N/A |
| pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the login screen, allows remote attackers to cause a denial of service by connecting via Remote Desktop and clicking restart or shutdown. | |||||
| CVE-2006-2134 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in /includes/kb_constants.php in Knowledge Base Mod for PHPbb 2.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2004-2566 | 1 Liveworld | 4 Livechat, Livefocusgroup, Liveforum and 1 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa. | |||||
| CVE-2005-1068 | 1 Scssboard | 1 Scssboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags. | |||||
| CVE-1999-1105 | 1 Microsoft | 1 Windows 95 | 2025-04-03 | 5.0 MEDIUM | N/A |
| Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. | |||||
| CVE-1999-0991 | 1 Goodtech | 1 Telnet Server Nt | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. | |||||
| CVE-2006-2110 | 1 Virtual Private Server | 1 Vserver | 2025-04-03 | 2.1 LOW | N/A |
| Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root. | |||||
| CVE-2000-0559 | 1 Broadcom | 1 Etrust Intrusion Detection | 2025-04-03 | 2.1 LOW | N/A |
| eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords. | |||||
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | |||||
| CVE-2001-0545 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. | |||||
| CVE-2005-2249 | 1 Jinzora | 1 Jinzora | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion vulnerability. | |||||
| CVE-2006-4457 | 1 Phpecard | 1 Phpecard | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2004-0636 | 1 Aol | 1 Instant Messenger | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | |||||
| CVE-2002-0512 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2025-04-03 | 4.6 MEDIUM | N/A |
| startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries. | |||||