Total
29521 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0703 | 1 Imagevue | 1 Imagevue | 2025-04-03 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting (XSS) vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter. | |||||
| CVE-2004-0232 | 4 Gentoo, Midnight Commander, Sgi and 1 more | 4 Linux, Midnight Commander, Propack and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2002-0898 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline. | |||||
| CVE-2001-1502 | 1 Mountain Network Systems | 1 Webcart | 2025-04-03 | 7.5 HIGH | N/A |
| webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the NEXTPAGE parameter. | |||||
| CVE-2005-1233 | 1 Php Labs | 1 Profile | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters. | |||||
| CVE-2006-3489 | 1 F-secure | 3 F-secure Anti-virus, F-secure Internet Security, F-secure Service Platform For Service Providers | 2025-04-03 | 5.0 MEDIUM | N/A |
| F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. | |||||
| CVE-2001-1027 | 1 Windowmaker | 1 Windowmaker | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title. | |||||
| CVE-2002-1987 | 1 Caucho Technology | 1 Resin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot). | |||||
| CVE-2005-4790 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-03 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. | |||||
| CVE-2006-3755 | 1 Flushcms | 1 Flushcms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Include/editor/class.rich.php in FlushCMS 1.0.0-pre2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the class_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-1999-0467 | 1 Webcom | 1 Cgi Guestbook | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter. | |||||
| CVE-2006-3201 | 1 Hp | 1 Hp-ux | 2025-04-03 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||||
| CVE-2000-0705 | 1 Luca Deri | 1 Ntop | 2025-04-03 | 5.0 MEDIUM | N/A |
| ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2003-0302 | 1 Qualcomm | 1 Eudora | 2025-04-03 | 5.0 MEDIUM | N/A |
| The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||||
| CVE-2006-0846 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator views the "Log" page, possibly using the ViewCommentsLog function. | |||||
| CVE-2006-4862 | 1 Easypagecms | 1 Easypagecms | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.aspx in easypage allows remote attackers to execute arbitrary SQL commands via the srch parameter in the Search page. | |||||
| CVE-2002-0622 | 1 Microsoft | 1 Commerce Server | 2025-04-03 | 7.5 HIGH | N/A |
| The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote attackers to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution". | |||||
| CVE-2006-0811 | 1 Skate Board | 1 Skate Board | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board 0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters involved with the registration form. | |||||
| CVE-2006-4567 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-03 | 2.6 LOW | N/A |
| Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update. | |||||
| CVE-2005-0283 | 1 David Barrett | 1 Qwikiwiki | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter. | |||||