Total: 29562 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-4479 | 1 Phpslash | 1 Phpslash | 2025-04-03 | 7.5 HIGH | N/A |
SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | |||||
CVE-2001-0491 | 1 Team Johnlong | 1 Raidenftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in RaidenFTPD Server 2.1 before build 952 allows attackers to access files outside the ftp root via dot dot attacks, such as (1) .... in CWD, (2) .. in NLST, or (3) ... in NLST. | |||||
CVE-2005-4697 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | 2.1 LOW | N/A |
The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll. | |||||
CVE-2006-2609 | 1 Artmedic Webdesign | 1 Artmedic Newsletter | 2025-04-03 | 5.1 MEDIUM | N/A |
artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2003-0715 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528. | |||||
CVE-2000-0084 | 1 Globalscape | 1 Cuteftp | 2025-04-03 | 5.0 MEDIUM | N/A |
CuteFTP uses weak encryption to store password information in its tree.dat file. | |||||
CVE-2006-4544 | 1 Exbb | 1 Exbb | 2025-04-03 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the exbb[home_path] parameter in files in the modules directory including (1) birstday/birst.php (2) birstday/select.php, (3) birstday/profile_show.php, (4) newusergreatings/pm_newreg.php, (5) punish/p_error.php, (6) punish/profile.php, and (7) threadstop/threadstop.php. NOTE: the (8) modules/userstop/userstop.php vector might overlap CVE-2006-4488, although it is for a slightly different product from the same vendor. | |||||
CVE-2005-2058 | 1 Ubbcentral | 1 Ubb.threads | 2025-04-03 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php. | |||||
CVE-2004-2366 | 1 Globalscape | 1 Secure Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. | |||||
CVE-2000-1157 | 1 Network Associates | 1 Sniffer Agent | 2025-04-03 | 10.0 HIGH | N/A |
Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name. | |||||
CVE-2004-2300 | 1 Ucd-snmp | 1 Ucd-snmp | 2025-04-03 | 7.2 HIGH | N/A |
Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE. | |||||
CVE-2004-1961 | 1 Protector System | 1 Protector System | 2025-04-03 | 7.5 HIGH | N/A |
blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters ("%27"). | |||||
CVE-2002-1922 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables. | |||||
CVE-2005-2886 | 1 Maxdev | 1 Md-pro | 2025-04-03 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via (1) the print parameter to the print module, the sitename parameter to (2) bb_smilies or (3) bbcode_ref module, or (4) the hlpfile parameter to openwindow.php. | |||||
CVE-2003-0736 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter in the pagemaster module, (4) the PDA_limit parameter in the search, and (5) possibly other parameters in the calendar, fatcat, and pagemaster modules. | |||||
CVE-2005-0693 | 1 Jowood Productions | 1 Chaser | 2025-04-03 | 7.5 HIGH | N/A |
Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | |||||
CVE-2004-1816 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | |||||
CVE-2002-0220 | 1 Phpsmssend | 1 Phpsmssend | 2025-04-03 | 7.5 HIGH | N/A |
phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters. | |||||
CVE-2005-0352 | 1 Woodstone | 1 Servers Alive | 2025-04-03 | 7.2 HIGH | N/A |
Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges. | |||||
CVE-2005-3149 | 1 Uim | 1 Uim | 2025-04-03 | 4.6 MEDIUM | N/A |
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges. | |||||