Total
29562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0737 | 1 Sambar | 1 Sambar Server | 2025-04-03 | 6.4 MEDIUM | N/A |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. | |||||
| CVE-2004-2232 | 1 Moodle | 1 Moodle | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | |||||
| CVE-2006-4362 | 1 Dieselscripts | 1 Diesel Paid Mail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in getad.php in Diesel Paid Mail allows remote attackers to inject arbitrary web script or HTML via the ps parameter. | |||||
| CVE-2005-3512 | 1 Vubb | 1 Vubb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action. | |||||
| CVE-2005-3931 | 1 Asp-rider | 1 Asp-rider | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP referer. | |||||
| CVE-2005-3411 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type parameter in a Topic method. | |||||
| CVE-2004-1592 | 1 Ocportal | 1 Ocportal | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script. | |||||
| CVE-2002-1119 | 1 Python | 1 Python | 2025-04-03 | 4.6 MEDIUM | N/A |
| os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack. | |||||
| CVE-2004-0690 | 1 Kde | 1 Kde | 2025-04-03 | 4.6 MEDIUM | N/A |
| The DCOPServer in KDE 3.2.3 and earlier allows local users to gain unauthorized access via a symlink attack on DCOP files in the /tmp directory. | |||||
| CVE-2003-0266 | 1 Bvrp Software | 1 Slwebmail | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll. | |||||
| CVE-2006-0785 | 1 Phpkit | 1 Phpkit | 2025-04-03 | 6.4 MEDIUM | N/A |
| Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to include and execute arbitrary local files via a direct request with a path parameter with a null character and beginning with (1) '/' (slash) for an absolute pathname or (2) a drive letter (such as "C:"), which bypasses checks for ".." sequences and trailing ".php" extensions. | |||||
| CVE-2004-2132 | 1 Pj Cgi Neo Review | 1 Pj Cgi Neo Review | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. | |||||
| CVE-2006-0083 | 1 Stefan Frings | 1 Sms Server Tools | 2025-04-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in the logging code of SMS Server Tools (smstools) 1.14.8 and earlier allows local users to execute arbitrary code via unspecified attack vectors. | |||||
| CVE-2000-1045 | 1 Padl Software | 1 Nss Ldap | 2025-04-03 | 1.2 LOW | N/A |
| nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests. | |||||
| CVE-1999-0508 | 2025-04-03 | 4.6 MEDIUM | N/A | ||
| An account on a router, firewall, or other network device has a default, null, blank, or missing password. | |||||
| CVE-2006-4380 | 1 Mysql | 1 Mysql | 2025-04-03 | 2.1 LOW | N/A |
| MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects. | |||||
| CVE-2005-0657 | 1 Computalynx | 1 Cproxy | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4.x through 3.4.4 allows remote attackers to read arbitrary files or cause a denial of service (application crash) via a .. (dot dot) in an HTTP request. | |||||
| CVE-2001-0777 | 1 Omnicron | 1 Omnihttpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. | |||||
| CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | |||||
| CVE-1999-0421 | 1 Slackware | 1 Slackware Linux | 2025-04-03 | 7.2 HIGH | N/A |
| During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password. | |||||