Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1433 | 1 Hp | 1 Jetadmin | 2025-04-03 | 7.2 HIGH | N/A |
| HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file. | |||||
| CVE-2006-0310 | 1 Mike Helton | 1 Aoblogger | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remote attackers to inject arbitrary Javascript via a javascript URI in the BBcode url tag. | |||||
| CVE-2006-3031 | 1 Fipsasp | 1 Fipscms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters. | |||||
| CVE-2006-3375 | 1 Randshop | 1 Randshop | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/header.inc.php in Randshop 1.1.1 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter. | |||||
| CVE-2005-2803 | 1 Hiki | 1 Hiki | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005-2336. | |||||
| CVE-2002-0292 | 1 Open Source Development Network | 1 Slashcode | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting vulnerability in Slash before 2.2.5, as used in Slashcode and elsewhere, allows remote attackers to steal cookies and authentication information from other users via Javascript in a URL, possibly in the formkey field. | |||||
| CVE-2006-4831 | 1 Iodine | 1 Iodine | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and attack vectors, related to "potential security problems." | |||||
| CVE-2002-1496 | 1 Nulllogic | 1 Null Httpd | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header. | |||||
| CVE-2005-2203 | 1 Phpwishlist | 1 Phpwishlist | 2025-04-03 | 7.5 HIGH | N/A |
| login.php in phpWishlist before 0.1.15 allows remote attackers to bypass authentication via a direct request to admin.php. | |||||
| CVE-2006-3842 | 1 Adventnet | 1 Zoho Virtual Office | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message. | |||||
| CVE-2001-0219 | 1 Hp | 1 Hp-ux | 2025-04-03 | 2.1 LOW | N/A |
| Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. | |||||
| CVE-2005-1150 | 1 Sun | 1 Java System Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang). | |||||
| CVE-2004-1797 | 1 Freznoshop | 1 Freznoshop | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2005-1782 | 1 W.m.r. Simpson | 1 Bookreview | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm, the isbn parameter to (6) add_review.htm, (7) add_contents.htm, (8) add_classification.htm, the (9) chapters parameter to the add_contents page in index.php (aka add_contents.htm), (10) the user parameter to contact.htm, or (11) the submit[string] parameter to search.htm. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE. | |||||
| CVE-1999-0375 | 1 Network Flight Recorder | 1 Network Flight Recorder | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. | |||||
| CVE-2001-1154 | 2 Bsdi, Carnegie Mellon University | 2 Bsd Os, Cyrus Imap Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients. | |||||
| CVE-2003-0002 | 1 Microsoft | 1 Content Management Server | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. | |||||
| CVE-2006-3521 | 1 Simian Systems Inc | 1 Siteforge Collaborative Development Platform | 2025-04-03 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index/siteforge-bugs-action/proj.siteforge in SiteForge Collaborative Development Platform 1.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) _status, (2) _extra1, (3) _extra2, or (4) _extra3 parameters. | |||||
| CVE-1999-0758 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. | |||||
| CVE-2004-0893 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability." | |||||