Total
29801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0726 | 1 Cpg-nuke | 1 Dragonfly Cms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in linking.php in CPG-Nuke Dragonfly CMS 9.0.6.1 allows remote attackers to inject arbitrary web script or HTML via a URI that is generated when creating a list of online users. | |||||
| CVE-2005-0497 | 1 Adp | 1 Elite System Max 9000 | 2025-04-03 | 7.2 HIGH | N/A |
| ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory. | |||||
| CVE-2002-0883 | 1 Compaq | 1 Proliant Bl E-class Integrated Administrator Firmware | 2025-04-03 | 7.2 HIGH | N/A |
| Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities. | |||||
| CVE-2000-0004 | 1 Zbsoft | 1 Zbserver | 2025-04-03 | 5.0 MEDIUM | N/A |
| ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL. | |||||
| CVE-2004-0908 | 1 Mozilla | 2 Mozilla, Thunderbird | 2025-04-03 | 4.0 MEDIUM | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | |||||
| CVE-2002-0521 | 1 Asp-nuke | 1 Asp-nuke | 2025-04-03 | 5.1 MEDIUM | N/A |
| Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. | |||||
| CVE-2006-1850 | 1 Skymarx Solutions | 1 Xflow | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) level, (2) position, (3) id, and (4) action parameters to members_only/index.cgi, and the (5) page parameter to customer_area/index.cgi. | |||||
| CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2025-04-03 | 1.2 LOW | N/A |
| inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
| CVE-2005-1301 | 1 Nprotect | 1 Netizen | 2025-04-03 | 2.6 LOW | N/A |
| nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an authorized site, which allows remote malicious web sites to write arbitrary files. | |||||
| CVE-2003-1251 | 1 Nx | 1 N X Web Content Management System 2002 | 2025-04-03 | 7.5 HIGH | N/A |
| The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code. | |||||
| CVE-2000-1159 | 1 Network Associates | 1 Sniffer Agent | 2025-04-03 | 7.5 HIGH | N/A |
| NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands. | |||||
| CVE-2006-4852 | 1 Quadcomm | 1 Q-shop | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter. | |||||
| CVE-2002-1549 | 1 Light Httpd | 1 Light Httpd | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2006-0226 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 10.0 HIGH | N/A |
| Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. | |||||
| CVE-1999-1493 | 1 Hp | 1 Apollo Domain Os | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk(). | |||||
| CVE-2005-4136 | 1 Fad Solutions | 1 Drzes Hms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via the customerEmailAddress parameter. | |||||
| CVE-2006-1397 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or (2) certain parameters to the login form. | |||||
| CVE-2006-1653 | 1 Angelinecms | 1 Angelinecms | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in loadkernel.php in AngelineCMS 0.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the installPath parameter. | |||||
| CVE-2005-2028 | 1 Mercuryboard | 1 Mercuryboard Message Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | |||||
| CVE-2004-1877 | 1 Oracle | 2 Application Server, Http Server | 2025-04-03 | 2.6 LOW | N/A |
| The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password. | |||||