Total
29559 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2484 | 1 Icewarp | 1 Web Mail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.html in IceWarp WebMail 5.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter. | |||||
| CVE-1999-1250 | 1 Blue World Communications | 1 Lasso Cgi | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. | |||||
| CVE-2006-3836 | 1 Unidomedia | 1 Chameleon Le | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO, allows remote attackers to read arbitrary files via the rmid parameter. | |||||
| CVE-2005-0119 | 1 Helvis | 1 Helvis | 2025-04-03 | 2.1 LOW | N/A |
| helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program. | |||||
| CVE-2005-2685 | 1 Savewebportal | 1 Savewebportal | 2025-04-03 | 7.5 HIGH | N/A |
| SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package. | |||||
| CVE-2005-1363 | 1 Metalinks | 1 Metacart2 | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp. | |||||
| CVE-2002-0089 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file. | |||||
| CVE-2002-0399 | 1 Gnu | 1 Tar | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | |||||
| CVE-2005-4746 | 1 Freeradius | 1 Freeradius | 2025-04-03 | 7.8 HIGH | N/A |
| Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t". | |||||
| CVE-1999-1032 | 1 Digital | 1 Ultrix | 2025-04-03 | 10.0 HIGH | N/A |
| Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges. | |||||
| CVE-2003-0686 | 2 Dave Airlie, Redhat | 2 Pam Smb, Pam Smb | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code. | |||||
| CVE-2006-0366 | 1 Phpclanwebsite | 1 Phpclanwebsite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag. | |||||
| CVE-2006-2979 | 1 Viart | 1 Shop | 2025-04-03 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php. | |||||
| CVE-1999-0395 | 1 Backweb Technologies | 1 Backweb Polite Agent Protocol | 2025-04-03 | 5.1 MEDIUM | N/A |
| A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server. | |||||
| CVE-2005-1177 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2025-04-03 | 10.0 HIGH | N/A |
| Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact. | |||||
| CVE-2005-1452 | 1 S9y | 1 Serendipity | 2025-04-03 | 10.0 HIGH | N/A |
| Serendipity before 0.8 allows Chief users to "hide plugins installed by other users." | |||||
| CVE-2000-0096 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command. | |||||
| CVE-2004-2212 | 1 Alivesites | 1 Alivesites Forum | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | |||||
| CVE-1999-1459 | 1 Bmc | 1 Patrol Agent | 2025-04-03 | 7.2 HIGH | N/A |
| BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file. | |||||
| CVE-2006-3307 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Project EROS bbsengine before bbsengine-20060429-1550-jam allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters in the php/comment.php and (2) the getpartialmatches method in php/aolbonics.php. | |||||