Total
29568 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4620 | 1 Alt-n | 1 Webadmin | 2025-04-03 | 4.6 MEDIUM | N/A |
| The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account. | |||||
| CVE-2006-1409 | 1 Vavoom | 1 Vavoom | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Vavoom 1.19.1 and earlier allows remote attackers to cause a denial of service (application crash) via an invalid comprLength value in a compressed packet. | |||||
| CVE-2006-1122 | 1 D2ksoft | 1 D2kblog | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | 4.6 MEDIUM | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||||
| CVE-2000-1036 | 1 Extent Technologies | 1 Rbs Isp | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter. | |||||
| CVE-2006-2477 | 1 Bitrix | 1 Bitrix Site Manager | 2025-04-03 | 4.9 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the administrative interface Bitrix Site Manager 4.1.x allows remote attackers to inject arbitrary web script or HTML via unspecified inputs. | |||||
| CVE-2006-2722 | 1 Out Of The Trees Web Design | 1 Selectapix | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2005-3790 | 1 Phpwcms | 1 Phpwcms | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. | |||||
| CVE-2004-2025 | 1 Zen Cart | 1 Zen Cart | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. | |||||
| CVE-2005-4068 | 1 Ibm | 1 Aix | 2025-04-03 | 7.2 HIGH | N/A |
| Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors. | |||||
| CVE-2006-0875 | 1 Runcms | 1 Runcms | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in ratefile.php in RunCMS 1.3a5 allows remote attackers to inject arbitrary web script or HTML via the lid parameter. | |||||
| CVE-2006-3406 | 1 Qto | 1 Qtofilemanager | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. (dot dot) sequence in the edit parameter. | |||||
| CVE-2000-0556 | 1 Computalynx | 1 Cmail | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of service by sending a large user name to the user dialog running on port 8002. | |||||
| CVE-2006-1913 | 1 Jax Scripts | 1 Jax Guestbook | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax Guestbook 3.1, 3.31, and 3.50 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | |||||
| CVE-2006-4458 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.010 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the GLOBALS[phpgw_info][user][preferences][common][country] parameter. | |||||
| CVE-2006-1765 | 1 Jbook | 1 Jbook | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in JBook 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2005-0784 | 1 Phorum | 1 Phorum | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum before 5.0.15 allow remote attackers to inject arbitrary web script or HTML via (1) the subject line to follow.php or (2) the subject line in the user's personal control panel. | |||||
| CVE-2002-1523 | 1 Daniel Arenz | 1 Mini Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 allows remote attackers to read arbitrary files via (1) ../ (dot-dot slash) or (2) ..\ (dot-dot backslash) sequences. | |||||