Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0915 | 1 Webmasters-debutants | 1 Wd Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to (1) ajout_admin2.php or (2) suppr.php. | |||||
| CVE-2001-0321 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | 5.0 MEDIUM | N/A |
| opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. | |||||
| CVE-2002-1342 | 1 Smb2www | 1 Smb2www | 2025-04-03 | 7.5 HIGH | N/A |
| Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2004-0248 | 1 Phpx | 1 Phpx | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum. | |||||
| CVE-2004-0010 | 1 Linux | 1 Linux Kernel | 2025-04-03 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. | |||||
| CVE-2003-0846 | 1 Suse | 1 Suse Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
| SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | |||||
| CVE-2005-2638 | 1 Phpfreenews | 1 Phpfreenews | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.php, or the (2) Match or (3) NewsMode parameter to SearchResults.php. | |||||
| CVE-2002-2057 | 1 Teekai | 1 Teekai Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP's visiting the site by dividing each octet by the MD5 hash of '20'. | |||||
| CVE-2006-4615 | 1 Shape Services | 1 Im\+ Mobile Instant Messenger | 2025-04-03 | 4.9 MEDIUM | N/A |
| Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores usernames and passwords in plaintext in %PROGRAMFILES%\IMPlus\implus.cfg, which allows local users to obtain sensitive information by reading the file. | |||||
| CVE-2006-3257 | 1 Claroline | 1 Claroline | 2025-04-03 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php. | |||||
| CVE-2004-1772 | 1 Gnu | 1 Sharutils | 2025-04-03 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument. | |||||
| CVE-2002-1040 | 1 Ibm | 1 Aix | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. | |||||
| CVE-2004-1532 | 1 Appserv Open Project | 1 Appserv | 2025-04-03 | 7.5 HIGH | N/A |
| AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access. | |||||
| CVE-2000-0030 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. | |||||
| CVE-2005-4492 | 1 Starphire Technologies | 5 Sitesage, Sitesage-ee, Sitesage-le and 2 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter. | |||||
| CVE-2004-0710 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
| CVE-2005-1093 | 1 Popup Plus Plugin | 1 Popup Plus Plugin For Miranda Im | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-1698 | 1 Leadmind | 1 Popmessenger | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash. | |||||
| CVE-2004-1952 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password. | |||||
| CVE-2002-0739 | 1 Postnuke Software Foundation | 1 Postcalendar | 2025-04-03 | 7.5 HIGH | N/A |
| Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. | |||||