Total
29798 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1499 | 1 Source Workshop | 1 Vcounter | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vCounter.php in vCounter 1.0 allows remote attackers to execute arbitrary SQL commands via the URI (_SERVER[REQUEST_URI] variable). | |||||
| CVE-1999-0096 | 3 Bsdi, Freebsd, Sco | 4 Bsd Os, Freebsd, Internet Faststart and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Sendmail decode alias can be used to overwrite sensitive files. | |||||
| CVE-2006-4438 | 1 Doctor Web Ltd | 1 Dr.web | 2025-04-03 | 6.4 MEDIUM | N/A |
| Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name. | |||||
| CVE-2006-2867 | 1 Coolforum | 1 Coolforum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | |||||
| CVE-2006-0762 | 1 Winability | 1 Folder Guard | 2025-04-03 | 4.6 MEDIUM | N/A |
| WinAbility Folder Guard 4.11 allows local users to gain unauthorized access to certain capabilities of the application by renaming or moving the password file (FGuard.FGP), which disables the password requirement. | |||||
| CVE-2006-3284 | 1 Datetopia | 1 Dating Agent Pro | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Dating Agent PRO 4.7.1 allows remote attackers to inject arbitrary web script or HTML via the login parameter in (1) webmaster/index.php and (2) search.php. | |||||
| CVE-2005-1640 | 1 The Ignition Project | 1 Ignitionserver | 2025-04-03 | 7.5 HIGH | N/A |
| mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions. | |||||
| CVE-2000-0112 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.2 HIGH | N/A |
| The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. | |||||
| CVE-2005-2542 | 1 Invision Power Services | 1 Invision Board | 2025-04-03 | 5.0 MEDIUM | N/A |
| Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML. | |||||
| CVE-2006-2169 | 1 Best Practical Solutions | 1 Request Tracker | 2025-04-03 | 5.0 MEDIUM | N/A |
| RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensitive information via the Rows parameter in Dist/Display.html, which reveals the installation path in an error message. | |||||
| CVE-2006-2791 | 1 Net Art Media | 1 Iboutique.mall | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in iBoutique.MALL and possibly iBoutique allows remote attackers to read arbitrary files via ".." sequences in the function parameter. | |||||
| CVE-1999-1524 | 1 Flowpoint | 1 Flowpoint Dsl Router | 2025-04-03 | 5.0 MEDIUM | N/A |
| FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. | |||||
| CVE-2005-3341 | 1 Dhis Tools | 1 Dns Package | 2025-04-03 | 2.1 LOW | N/A |
| DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh. | |||||
| CVE-2005-1995 | 1 Bitrix | 1 Bitrix Site Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, which reveals the path in an error message. | |||||
| CVE-2006-1323 | 1 Webtoolmaster Software | 1 Winhki | 2025-04-03 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in WinHKI 1.6 and earlier allows user-assisted attackers to overwrite arbitrary files via a (1) RAR, (2) TAR, (3) ZIP, or (4) TAR.GZ archive with a file whose file name contains ".." sequences. | |||||
| CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
| CVE-2006-0222 | 1 Alstrasoft | 1 Template Seller | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft Template Seller Pro allows remote attackers to inject arbitrary web script or HTML via the tempid parameter. | |||||
| CVE-2005-4656 | 1 Triggertg | 1 Tclanportal | 2025-04-03 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter. | |||||
| CVE-2005-0520 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | 10.0 HIGH | N/A |
| ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519. | |||||
| CVE-2006-0626 | 1 Spip | 1 Spip | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter. | |||||