Total
29514 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0955 | 1 Interakt | 1 Mx Shop | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id_ctg parameter. | |||||
| CVE-2005-2442 | 1 Spi Dynamics | 1 Webinspect | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cross-Application Scripting (XAS) vulnerability in SPI Dynamics WebInspect 5.0.196 allows remote attackers to inject Javascript from one application into another. | |||||
| CVE-2006-0079 | 1 Scoznet | 1 Scozbook | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to execute arbitrary SQL commands via the username field (adminname variable). | |||||
| CVE-2000-0982 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 7.5 HIGH | N/A |
| Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability. | |||||
| CVE-2005-3856 | 1 Krusader | 1 Krusader | 2025-04-03 | 4.0 MEDIUM | N/A |
| The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites. | |||||
| CVE-2006-4057 | 1 Mitch Murray | 1 Eremove | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a large email attachment. | |||||
| CVE-2004-2261 | 1 E107 | 1 E107 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. | |||||
| CVE-2005-0215 | 1 Mozilla | 1 Mozilla | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mozilla 1.6 and possibly other versions allows remote attackers to cause a denial of service (application crash) via a XBM (X BitMap) file with a large (1) height or (2) width value. | |||||
| CVE-2000-1009 | 2 Redhat, Trustix | 2 Linux, Secure Linux | 2025-04-03 | 7.2 HIGH | N/A |
| dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2004-0347 | 1 Netscreen | 1 Netscreen-sa 5000 Series | 2025-04-03 | 6.0 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter. | |||||
| CVE-2001-1298 | 1 Grant Horwood | 1 Webodex | 2025-04-03 | 5.0 MEDIUM | N/A |
| Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2001-1023 | 1 Xcache Technologies | 1 Xcache | 2025-04-03 | 5.0 MEDIUM | N/A |
| Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header. | |||||
| CVE-2000-0222 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 10.0 HIGH | N/A |
| The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs. | |||||
| CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | |||||
| CVE-2000-0233 | 1 Suse | 1 Suse Linux Imap Server | 2025-04-03 | 10.0 HIGH | N/A |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. | |||||
| CVE-2000-0317 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. | |||||
| CVE-2004-1329 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | |||||
| CVE-2002-1429 | 1 Endity.com | 1 Shoutbox | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter. | |||||
| CVE-2002-0471 | 1 Phpnettoolpack | 1 Phpnettoolpack | 2025-04-03 | 10.0 HIGH | N/A |
| PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable. | |||||
| CVE-2006-3025 | 1 Lucid Designs | 1 Lucid Calendar | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Lucid Calendar 0.22 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||