Total
29866 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1495 | 1 Rarlab | 1 Winrar | 2025-04-03 | 2.6 LOW | N/A |
| The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive. | |||||
| CVE-2006-0846 | 1 Leif M. Wright | 1 Web Blog | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright's Blog 3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in a log file and not sanitized when the administrator views the "Log" page, possibly using the ViewCommentsLog function. | |||||
| CVE-2006-1839 | 1 Php Album | 1 Php Album | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary code via an FTP URL in the data_dir parameter, which satisfies the file_exists function call. | |||||
| CVE-2006-1979 | 1 Manic Web | 1 Mwguest | 2025-04-03 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter. | |||||
| CVE-2005-3936 | 1 Socketkb | 1 Socketkb | 2025-04-03 | 7.5 HIGH | N/A |
| PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the __f parameter. | |||||
| CVE-2006-2499 | 1 Xfairguy | 1 Codeavalanche News | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to execute arbitrary SQL commands via the password field. | |||||
| CVE-2001-1241 | 1 Steve Grimm | 1 Un-cgi | 2025-04-03 | 7.5 HIGH | N/A |
| Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name. | |||||
| CVE-1999-1533 | 1 Trend Micro | 1 Interscan Viruswall | 2025-04-03 | 7.5 HIGH | N/A |
| Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. | |||||
| CVE-1999-1522 | 1 Roxen | 1 Roxen Web Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML. | |||||
| CVE-2001-1113 | 1 Trolltech | 1 Trollftpd | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R (recursive) command. | |||||
| CVE-2006-2876 | 1 Deltascripts | 1 Php Pro Publish | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2002-1056 | 1 Microsoft | 2 Outlook, Word | 2025-04-03 | 7.5 HIGH | N/A |
| Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | |||||
| CVE-2003-0983 | 1 Cisco | 2 80-7111-01 For The Unity-svrx255-1a, 80-7112-01 For The Unity-svrx255-2a | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. | |||||
| CVE-2000-0642 | 1 Itafrica | 1 Webactive | 2025-04-03 | 5.0 MEDIUM | N/A |
| The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. | |||||
| CVE-2006-0839 | 1 Sourcefire | 1 Snort | 2025-04-03 | 5.0 MEDIUM | N/A |
| The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. | |||||
| CVE-2002-2011 | 1 Jon Howell | 1 Faq-o-matic | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | |||||
| CVE-2004-1679 | 1 Jigunet | 2 Twinftp Enterprise, Twinftp Standard | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (triple dot) in the (1) CWD, (2) STOR, or (3) RETR commands. | |||||
| CVE-2006-1995 | 1 Scry Gallery | 1 Scry Gallery | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter, which is not properly sanitized due to an rtrim function call with the arguments in the wrong order. | |||||
| CVE-2005-1608 | 1 Spidean | 2 At-lite, Autotheme | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown impact. | |||||
| CVE-2001-0694 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command. | |||||