Total
29802 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0592 | 1 Sapporoworks | 1 Sapporoworks Winproxy | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands. | |||||
| CVE-2003-0651 | 1 Mod Mylo | 1 Mod Mylo | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2006-1707 | 1 Kansok Communications | 1 Shopweezle | 2025-04-03 | 5.0 MEDIUM | N/A |
| index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter. | |||||
| CVE-2004-1501 | 1 Software602 | 1 602lan Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data. | |||||
| CVE-2001-0583 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | 5.0 MEDIUM | N/A |
| Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001. | |||||
| CVE-2006-0831 | 1 Tasarim Rehberi | 1 Tasarim Rehberi | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in index.php in Tasarim Rehberi allows remote attackers to execute arbitrary PHP code via a URL in the (1) sayfaadi or (2) sayfa parameter. NOTE: this might be a site-specific issue. If so, it should not be included in CVE. | |||||
| CVE-2006-2673 | 1 E-board | 1 Elite-board | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Bulletin Board Elite-Board (E-Board) 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box. | |||||
| CVE-2006-2400 | 1 Outgun | 1 Outgun | 2025-04-03 | 7.8 HIGH | N/A |
| The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown. | |||||
| CVE-2004-0852 | 1 Htget | 1 Htget | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in htget 0.93 allows remote attackers to execute arbitrary code via a crafted URL. | |||||
| CVE-2005-0108 | 1 Apache | 1 Mod Auth Radius | 2025-04-03 | 5.0 MEDIUM | N/A |
| Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument. | |||||
| CVE-2002-0475 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.1 MEDIUM | N/A |
| Cross-site scripting vulnerability in phpBB 1.4.4 and earlier allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within an IMG image tag while editing a message. | |||||
| CVE-2006-1891 | 1 Betaboard | 1 Betaboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability. If it is site-specific, then it should not be included in CVE. | |||||
| CVE-2002-0926 | 1 Wolfram Research | 1 Webmathematica | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter. | |||||
| CVE-2006-4209 | 1 Webinsta | 1 Mailing List Manager | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in install3.php in WEBInsta Mailing List Manager 1.3e allows remote attackers to execute arbitrary PHP code via a URL in the cabsolute_path parameter. | |||||
| CVE-2005-0812 | 1 Notify Technology | 1 Notifylink | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information. | |||||
| CVE-2004-1071 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 7.2 HIGH | N/A |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | |||||
| CVE-2005-3895 | 1 Otrs | 1 Otrs | 2025-04-03 | 5.8 MEDIUM | N/A |
| Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary web script or HTML. NOTE: this particular issue is referred to as XSS by some sources. | |||||
| CVE-2004-1588 | 1 Gosmart | 1 Gosmart Message Board | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp. | |||||
| CVE-2005-1296 | 1 Include.cgi | 1 Include.cgi | 2025-04-03 | 7.5 HIGH | N/A |
| include.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | |||||
| CVE-2006-1392 | 1 University Of Washington | 1 Pubcookie | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in the login server in University of Washington Pubcookie 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified inputs. | |||||