Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1885 | 1 Powerphlogger | 1 Powerphlogger | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter. | |||||
| CVE-2002-0168 | 1 Enlightenment | 1 Imlib | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption. | |||||
| CVE-2005-3493 | 1 Afsl Games | 1 Battle Carry | 2025-04-03 | 5.0 MEDIUM | N/A |
| Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port. | |||||
| CVE-2005-0935 | 1 Esmi | 1 Paypal Storefront | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php. | |||||
| CVE-2001-1056 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.5 HIGH | N/A |
| IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request. | |||||
| CVE-2004-1800 | 1 Sysbotz | 1 Simpledata | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attackers to gain access via a crafted URL and a certain cookie. | |||||
| CVE-2005-4286 | 1 Phplogcon | 1 Phplogcon | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote attackers to use arbitrary profiles via unknown vectors involving "'smart' values for userid and password," probably involving an SQL injection vulnerability in the (1) pass and (2) usr parameters in submit.php. | |||||
| CVE-2005-2772 | 1 University Of Minnesota | 1 Gopher | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function. | |||||
| CVE-2001-1060 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 7.5 HIGH | N/A |
| phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php. | |||||
| CVE-2005-0592 | 1 Mozilla | 2 Firefox, Mozilla | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value. | |||||
| CVE-2006-0246 | 1 Widexl | 1 Download Tracker | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download Tracker 1.06 allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-1999-1123 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. | |||||
| CVE-2006-3962 | 1 Mambo | 1 Bayesiannaivefilter | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in administrator/components/com_bayesiannaivefilter/lang.php in the bayesiannaivefilter component (com_bayesiannaivefilter) 1.1 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2000-0970 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | 7.5 HIGH | N/A |
| IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability. | |||||
| CVE-2005-2717 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts. | |||||
| CVE-2000-1023 | 1 Alabanza | 1 Control Panel | 2025-04-03 | 7.5 HIGH | N/A |
| The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program. | |||||
| CVE-2006-1573 | 1 Mediaslash.com | 1 Mediaslash Gallery | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter (part of the $page_menu variable). | |||||
| CVE-2004-1393 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | |||||
| CVE-1999-1501 | 1 Sgi | 1 Irix | 2025-04-03 | 4.6 MEDIUM | N/A |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | |||||