Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0173 | 1 Sco | 1 Unixware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. | |||||
| CVE-2006-2872 | 1 Rumble | 1 Rumble | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the configArr[pathtodir] parameter. | |||||
| CVE-2004-1988 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows remote attackers to execute arbitrary PHP code by modifying the CPG_M_DIR to reference a URL on a remote web server that contains functions.inc.php. | |||||
| CVE-2005-0960 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3.5 and 3.6 allow remote attackers to cause a denial of service (memory exhaustion or system crash). | |||||
| CVE-2005-1952 | 1 Pico Server | 1 Pico Server | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count. | |||||
| CVE-2002-0751 | 1 Cgiscript.net | 1 Csmailto | 2025-04-03 | 7.5 HIGH | N/A |
| CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters. | |||||
| CVE-2005-1412 | 1 Ecomm | 1 Professional Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter. | |||||
| CVE-2001-1449 | 2 Apache, Mandrakesoft | 4 Http Server, Mandrake Linux, Mandrake Linux Corporate Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | |||||
| CVE-2004-0962 | 1 Apple | 1 Apple Remote Desktop | 2025-04-03 | 10.0 HIGH | N/A |
| Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching. | |||||
| CVE-2003-0609 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. | |||||
| CVE-1999-0541 | 2025-04-03 | 7.5 HIGH | N/A | ||
| A password for accessing a WWW URL is guessable. | |||||
| CVE-2004-0272 | 1 Maxwebportal | 1 Maxwebportal | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and gain sensitive information via the SendTo parameter in Personal Messages. | |||||
| CVE-2005-2211 | 1 Sukria | 1 Backup Manager | 2025-04-03 | 4.6 MEDIUM | N/A |
| Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR. | |||||
| CVE-2005-0617 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter. | |||||
| CVE-2006-0829 | 1 E-blah | 1 Platinum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log". | |||||
| CVE-2006-0989 | 1 Veritas | 1 Netbackup | 2025-04-03 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2002-2178 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag. | |||||
| CVE-2002-0739 | 1 Postnuke Software Foundation | 1 Postcalendar | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. | |||||
| CVE-2000-0616 | 1 Hp | 1 Mpe Ix | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS. | |||||
| CVE-2006-2997 | 1 Zms Publishing | 1 Zms | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the raw parameter in the search field. | |||||