Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3353 | 1 Php | 1 Php | 2025-04-03 | 5.0 MEDIUM | N/A |
| The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image. | |||||
| CVE-2006-0644 | 1 Cpg-nuke | 1 Dragonfly Cms | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS (aka CPG Dragonfly CMS) 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in (1) the newlang parameter and (2) the installlang parameter in a cookie, as demonstrated by using error.php to insert malicious code into a log file, or uploading a malicious .png file, which is then included using install.php. | |||||
| CVE-2002-2275 | 1 Fortres Grand Corporation | 1 Fortres | 2025-04-03 | 2.1 LOW | N/A |
| Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together for 30 seconds, which opens multiple windows and eventually causes explorer.exe to crash, which then opens an unrestricted explorer.exe. | |||||
| CVE-2004-0207 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows 98 and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| "Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions. | |||||
| CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2025-04-03 | 4.6 MEDIUM | N/A |
| Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | |||||
| CVE-2002-1411 | 1 Duma | 1 Photo Gallery System | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the id parameter. | |||||
| CVE-2000-0386 | 1 Filemaker | 1 Filemaker | 2025-04-03 | 7.5 HIGH | N/A |
| FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email. | |||||
| CVE-2005-1136 | 1 Sphpblog | 1 Sphpblog | 2025-04-03 | 5.0 MEDIUM | N/A |
| Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files. | |||||
| CVE-2004-2613 | 1 Vserver | 1 Linux-vserver | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408. | |||||
| CVE-2005-4429 | 1 Cs-cart | 1 Cs-cart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php. | |||||
| CVE-1999-0075 | 1 Washington University | 1 Wu-ftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. | |||||
| CVE-2005-1611 | 1 Web Crossing Inc | 1 Web Crossing | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x allows remote attackers to inject arbitrary web script or HTML via a URL with an "@" followed by the desired script. | |||||
| CVE-2005-0807 | 1 Oxid | 1 Cain And Abel | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters. | |||||
| CVE-2000-0787 | 1 Xchat | 1 Xchat | 2025-04-03 | 7.5 HIGH | N/A |
| IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser. | |||||
| CVE-2004-2101 | 1 Geovision | 1 Geohttpserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | |||||
| CVE-2002-1857 | 1 Jo | 1 Jo Webserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | |||||
| CVE-2005-4308 | 1 Scriptscenter | 1 Ezupload Pro | 2025-04-03 | 7.5 HIGH | N/A |
| index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter. | |||||
| CVE-2005-4551 | 1 Simpbook | 1 Simpbook | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in sign.php in codegrrl SimpBook 1.0, when html_enable is on, allows remote attackers to inject arbitrary web script or HTML via the message parameter to index.php. | |||||
| CVE-2006-3351 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | 5.4 MEDIUM | N/A |
| Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | |||||
| CVE-1999-0082 | 2 Ftp, Ftpcd | 2 Ftp, Ftpcd | 2025-04-03 | 10.0 HIGH | N/A |
| CWD ~root command in ftpd allows root access. | |||||