Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1315 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | |||||
| CVE-2002-1058 | 1 Cobalt | 1 Qube | 2025-04-03 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cookie that point to an alternate session file. | |||||
| CVE-2005-1877 | 1 Lpanel | 1 Lpanel | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter. | |||||
| CVE-2002-2014 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | 5.0 MEDIUM | N/A |
| Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. | |||||
| CVE-2006-2037 | 1 Thwboard | 1 Thwboard | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 Beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the navpath parameter. | |||||
| CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
| CVE-2003-0169 | 1 Hp | 1 Instant Toptools | 2025-04-03 | 5.0 MEDIUM | N/A |
| hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. | |||||
| CVE-2000-1116 | 1 Transsoft | 1 Broker Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long command. | |||||
| CVE-2006-2713 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2025-04-03 | 5.0 MEDIUM | N/A |
| Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers to determine the CEID of a protected asset, which can be used in other attacks against AVR. | |||||
| CVE-2002-1376 | 2 Oracle, Symantec Veritas | 3 Mysql, Netbackup Advanced Reporter, Netbackup Global Data Manager | 2025-04-03 | 7.5 HIGH | N/A |
| libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2006-2359 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection. | |||||
| CVE-2003-0626 | 1 Peoplesoft | 1 Peopletools | 2025-04-03 | 5.0 MEDIUM | N/A |
| psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. | |||||
| CVE-2006-4034 | 1 Moderngigabyte | 1 Modernbill | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/html/config.php in ModernGigabyte ModernBill 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the DIR parameter. | |||||
| CVE-2004-1720 | 1 Merak | 1 Mail Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since the path is leaked in web logs that may only be available to the administrators, who would have access to the path through legitimate means. | |||||
| CVE-2004-1899 | 1 Tildeslash | 1 Monit | 2025-04-03 | 5.0 MEDIUM | N/A |
| The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one overflow via a POST that contains 1024 bytes. | |||||
| CVE-1999-1543 | 1 Apple | 1 Macos | 2025-04-03 | 4.6 MEDIUM | N/A |
| MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. | |||||
| CVE-2006-4584 | 1 Tr Forum | 1 Tr Forum | 2025-04-03 | 7.5 HIGH | N/A |
| Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via the login and password parameters to admin/insert_admin.php. | |||||
| CVE-2002-1551 | 1 Ibm | 1 Aix | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2005-2882 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID parameter to (1) thankyou.php or (2) day.php, font parameter to (3) calDaily.php, (4) calMonthly.php, (5) calMonthlyP.php, (6) calWeekly.php, (7) calWeeklyP.php, (8) calYearly.php, (9) calYearlyP.php, (10) day.php, or (11) week.php, or (12) CeTi, (13) Contact, (14) Description, (15) ShowAddress parameter to event.php, and other attack vectors. | |||||
| CVE-2005-0933 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | |||||