Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1801 | 1 Bizdesign | 1 Imagefolio | 2025-04-03 | 5.0 MEDIUM | N/A |
| ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message. | |||||
| CVE-2006-1012 | 1 Wordpress | 1 Wordpress | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment. | |||||
| CVE-2001-0683 | 1 Netscape | 1 Collabra Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | |||||
| CVE-1999-1562 | 1 Gftp | 1 Ftp Client | 2025-04-03 | 4.6 MEDIUM | N/A |
| gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. | |||||
| CVE-2001-1168 | 1 Phpmyexplorer | 2 Phpmyexplorer Classic, Phpmyexplorer Multiuser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter. | |||||
| CVE-1999-1235 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 4.6 MEDIUM | N/A |
| Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link. | |||||
| CVE-2005-1290 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u parameter to profile.php, (2) highlight parameter to viewtopic.php, or (3) forumname or forumdesc parameters to admin_forums.php. | |||||
| CVE-2005-4630 | 1 Clientexec | 1 Clientexec | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters. | |||||
| CVE-1999-1002 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | |||||
| CVE-2005-2138 | 1 Comdev | 1 Comdev Ecommerce | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message. | |||||
| CVE-2005-3478 | 1 Phpcafe | 1 Tutorial Manager | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2004-0997 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2005-2530 | 1 Sun | 1 Java | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions." | |||||
| CVE-2004-0547 | 1 Postgresql | 1 Postgresql | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2003-0068 | 1 Michael Jennings | 1 Eterm | 2025-04-03 | 7.5 HIGH | N/A |
| The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | |||||
| CVE-2006-1899 | 1 Dev | 1 Neuron Blog | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters. | |||||
| CVE-2004-0010 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. | |||||
| CVE-2005-4415 | 1 Tml | 1 Tml | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in TML CMS 0.5 allows remote attackers to inject arbitrary web script or HTML via the form parameter. | |||||
| CVE-2004-0382 | 1 Apple | 1 Mac Os X | 2025-04-03 | 7.2 HIGH | N/A |
| Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting. | |||||
| CVE-2003-0119 | 1 Ibm | 1 Aix | 2025-04-03 | 7.5 HIGH | N/A |
| The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. | |||||