Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29911 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1233 1 Phorum 1 Phorum 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter.
CVE-2000-1232 1 Phorum 1 Phorum 2026-06-16 5.0 MEDIUM N/A
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.
CVE-2000-1231 1 Phorum 1 Phorum 2026-06-16 5.0 MEDIUM N/A
code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string.
CVE-2000-1230 1 Phorum 1 Phorum 2026-06-16 5.0 MEDIUM N/A
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
CVE-2000-1229 1 Phorum 1 Phorum 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3.
CVE-2000-1228 1 Phorum 1 Phorum 2026-06-16 5.0 MEDIUM N/A
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.
CVE-2000-1227 1 Microsoft 2 Windows 2000, Windows Nt 2026-06-16 5.0 MEDIUM N/A
Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.
CVE-2000-1226 1 Snort 1 Snort 2026-06-16 5.0 MEDIUM N/A
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan.
CVE-2000-1225 1 Imatix 1 Xitami 2026-06-16 5.0 MEDIUM N/A
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
CVE-2000-1224 1 Caucho Technology 1 Resin 2026-06-16 5.0 MEDIUM N/A
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
CVE-2000-1223 1 I-soft 1 Quikstore 2026-06-16 7.5 HIGH N/A
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
CVE-2000-1222 1 Ibm 1 Aix 2026-06-16 7.2 HIGH N/A
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
CVE-2000-1221 3 Debian, Redhat, Sgi 3 Debian Linux, Linux, Irix 2026-06-16 10.0 HIGH N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
CVE-2000-1220 2 Redhat, Sgi 2 Linux, Irix 2026-06-16 10.0 HIGH N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
CVE-2000-1219 1 Gnu 2 G\+\+, Gcc 2026-06-16 7.5 HIGH N/A
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
CVE-2000-1217 1 Microsoft 1 Windows 2000 2026-06-16 4.6 MEDIUM N/A
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
CVE-2000-1215 1 Ibm 1 Lotus Domino 2026-06-16 5.0 MEDIUM N/A
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information.
CVE-2000-1214 3 Immunix, Iputils, Redhat 3 Immunix, Iputils, Linux 2026-06-16 4.6 MEDIUM N/A
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
CVE-2000-1213 3 Immunix, Iputils, Redhat 3 Immunix, Iputils, Linux 2026-06-16 7.5 HIGH N/A
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
CVE-2000-1212 1 Zope 1 Zope 2026-06-16 5.0 MEDIUM N/A
Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.