Total
29809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1530 | 1 Rob Sutton | 1 Php-nuke Event Calendar | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the (1) eid or (2) cid parameters. | |||||
| CVE-2004-0321 | 1 Singularity Software | 1 Team Factor | 2025-04-03 | 5.0 MEDIUM | N/A |
| Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory. | |||||
| CVE-2006-4779 | 1 Phpbb Group | 1 Vitrax Premodded Phpbb | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions_portal.php in Vitrax Premodded phpBB 1.0.6-R3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2005-4490 | 1 Commercial Interactive Media | 1 Scoop | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SCOOP! 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword and (2) invalid parameter to articleSearch.asp; (3) username and (4) invalid parameter to lostPassword.asp; (5) Username, (6) Password, and (7) invalid parameter to account_login.asp; (8) area, (9) articleZoneID, (10) r, and (11) invalid parameters to category.asp; and invalid parameters to (12) articleZone.asp, (13) prePurchaserRegistration.asp, and (14) requestDemo.asp. | |||||
| CVE-2006-1912 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | 5.8 MEDIUM | N/A |
| MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote attackers to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site scripting (XSS) or SQL injection attacks. | |||||
| CVE-2002-1090 | 1 Libesmtp | 1 Libesmtp | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses. | |||||
| CVE-2002-2148 | 1 Lucent | 3 Ascend Max Router, Ascend Pipeline Router, Dslterminator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response. | |||||
| CVE-2005-0788 | 1 Limewire | 1 Limewire | 2025-04-03 | 5.0 MEDIUM | N/A |
| LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full pathname in a Gnutella GET request. | |||||
| CVE-2006-4276 | 1 Tutti Nova | 1 Tutti Nova | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php. | |||||
| CVE-2002-2021 | 1 Woltlab | 1 Burning Board | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WoltLab Burning Board (wbboard) 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||
| CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
| CVE-2005-1746 | 2 Bea, Oracle | 2 Weblogic Server, Weblogic Portal | 2025-04-03 | 5.0 MEDIUM | N/A |
| The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (cluster slowdown) via modified cookies. | |||||
| CVE-2005-2603 | 1 My Image Gallery | 1 My Image Gallery | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. | |||||
| CVE-2006-4970 | 1 Wahm E-commerce | 1 Pie Cart Pro | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in enc/content.php in WAHM E-Commerce Pie Cart Pro allows remote attackers to execute arbitrary PHP code via a URL in the Home_Path parameter. | |||||
| CVE-2005-4623 | 1 Efilego | 1 Efilego | 2025-04-03 | 5.0 MEDIUM | N/A |
| upload.exe in eFileGo 3.01 allows remote attackers to cause a denial of service (CPU consumption) via an argument with an invalid directory name. | |||||
| CVE-2004-0664 | 1 Powerportal | 1 Powerportal | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in modules.php in PowerPortal 1.x allows remote attackers to list arbitrary directories via a .. (dot dot) in the files parameter. | |||||
| CVE-2002-1825 | 1 Wasd | 1 Wasd Http Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable. | |||||
| CVE-2004-0686 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | |||||
| CVE-2006-0567 | 1 Curtis Farnham | 1 Files Xaraya Module | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory field on the Modify Config page is blank, allows remote attackers to access files outside of the web root via ".." (dot dot) sequences. | |||||