Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3335 | 1 Mantis | 1 Mantis | 2025-04-03 | 7.5 HIGH | N/A |
| PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter. | |||||
| CVE-2002-0517 | 1 Caldera | 2 Openunix, Unixware | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to programs such as (1) dtterm or (2) xterm. | |||||
| CVE-2001-1295 | 1 Grant Averett | 1 Cerberus Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. | |||||
| CVE-2006-4963 | 1 Exponent | 1 Exponent Cms | 2025-04-03 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP code through session files. | |||||
| CVE-2006-1770 | 1 Azerbaijan Development Group | 1 Azdgvote | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php. | |||||
| CVE-1999-0095 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | 10.0 HIGH | N/A |
| The debug command in Sendmail is enabled, allowing attackers to execute commands as root. | |||||
| CVE-2000-0578 | 1 Sgi | 1 Mipspro Compilers | 2025-04-03 | 3.7 LOW | N/A |
| SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user. | |||||
| CVE-2006-0302 | 1 Zyxel | 1 P2000w Version 2 Voip Wifi Phone | 2025-04-03 | 5.0 MEDIUM | N/A |
| ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090. | |||||
| CVE-2005-1303 | 1 Citat.pl | 1 Citat.pl | 2025-04-03 | 7.5 HIGH | N/A |
| The citat.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. | |||||
| CVE-2005-0208 | 1 Rob Flynn | 1 Gaim | 2025-04-03 | 5.0 MEDIUM | N/A |
| The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473. | |||||
| CVE-1999-1480 | 1 Ibm | 1 Aix | 2025-04-03 | 1.2 LOW | N/A |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. | |||||
| CVE-2005-0312 | 1 War Ftp Daemon | 1 War Ftp Daemon | 2025-04-03 | 2.1 LOW | N/A |
| WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability. | |||||
| CVE-2002-0979 | 1 Microsoft | 1 Virtual Machine | 2025-04-03 | 7.5 HIGH | N/A |
| The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. | |||||
| CVE-2005-4627 | 2 Gfhost, Gmailsite | 2 Gfhost, Gmailsite | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite 1.0 through 1.0.4 and (2) GFHost 0.1.1 through 0.4.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | |||||
| CVE-2003-0278 | 1 Happycgi.com | 1 Happymall | 2025-04-03 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter. | |||||
| CVE-2005-1149 | 1 Acnews | 1 Acnews | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | |||||
| CVE-2006-4746 | 1 Comscripts | 1 Web Server Creator | 2025-04-03 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. | |||||
| CVE-2005-4580 | 1 Day | 1 Communique | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Day Communique 4 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search. | |||||
| CVE-2006-1141 | 1 Inter7 | 1 Qmailadmin | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable. | |||||
| CVE-2006-3518 | 1 Webvizyon.net | 1 Webvizyon Portal | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SayfalaAltList.asp in Webvizyon Portal 2006 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||