Total
29868 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1972 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to execute arbitrary SQL code via the (1) clipid or (2) catid parameters in a viewclip, viewcat, or voteclip action. | |||||
| CVE-2006-1194 | 1 Enet | 1 Enet Library | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet with a large command length value, which leads to an invalid memory access. | |||||
| CVE-2005-1230 | 1 Magnus Lundvall | 1 Yawcam | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Yawcam 0.2.5 allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in a GET request. | |||||
| CVE-2006-0356 | 1 Ari Pikivirta | 1 Home Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command. | |||||
| CVE-2000-1157 | 1 Network Associates | 1 Sniffer Agent | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name. | |||||
| CVE-2002-0111 | 1 Funsoft | 1 Dinos Webserver | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Funsoft Dino's Webserver 1.2 and earlier allows remote attackers to read files or execute arbitrary commands via a .. (dot dot) in the URL. | |||||
| CVE-2006-1668 | 1 Crafty Syntax Image Gallery | 1 Crafty Syntax Image Gallery | 2025-04-03 | 9.0 HIGH | N/A |
| newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php. | |||||
| CVE-2006-0099 | 1 Valdersoft | 1 Valdersoft Shopping Cart | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in (1) include/templates/categories/default.php and (2) certain other include/templates/categories/ PHP scripts in Valdersoft Shopping Cart 3.0 allows remote attackers to execute arbitrary code via a URL in the catalogDocumentRoot parameter. | |||||
| CVE-2002-0384 | 1 Rob Flynn | 1 Gaim | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-4528 | 1 Chatspot | 1 Chatspot | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-4630 | 1 Clientexec | 1 Clientexec | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters. | |||||
| CVE-2005-2400 | 1 Phpfinance | 1 Phpfinance | 2025-04-03 | 7.5 HIGH | N/A |
| The inc.login.php scripts in PHPFinance 0.3 allows remote attackers to bypass the login and gain privileges. | |||||
| CVE-2003-0270 | 1 Apple | 1 802.11n | 2025-04-03 | 7.6 HIGH | N/A |
| The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections. | |||||
| CVE-2002-1031 | 1 Key Focus | 1 Kf Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. | |||||
| CVE-2006-3937 | 1 Xguestbook | 1 Xguestbook | 2025-04-03 | 5.0 MEDIUM | N/A |
| post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain sensitive information via a request without the (1) user, (2) mail, (3) p, or (4) url parameter, which reveals the installation path in an error message. | |||||
| CVE-2005-1144 | 1 Easyphpcalendar | 1 Easyphpcalendar | 2025-04-03 | 5.0 MEDIUM | N/A |
| popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message. | |||||
| CVE-2004-0074 | 1 Michael Bischoff | 1 Xsok | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949. | |||||
| CVE-2002-1306 | 1 Kde | 1 Kde | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL. | |||||
| CVE-2004-1764 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. | |||||
| CVE-2005-4054 | 1 Pluggedout | 1 Pluggedout Blog | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter. | |||||