Total
29867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5219 | 1 Moodle | 1 Moodle | 2025-04-09 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter. | |||||
| CVE-2006-5800 | 1 Xenis | 1 Xenis.creator Cms | 2025-04-09 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in xenis.creator CMS allows remote attackers to inject arbitrary web script or HTML via the nav parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6647 | 1 Drupal | 1 Drupal Mysite | 2025-04-09 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3 module for Drupal allows remote attackers to inject arbitrary web script or HTML via the Title field when editing a page. NOTE: some details were obtained from third party information. | |||||
| CVE-2006-7007 | 1 H. Nomura | 1 Tiny Ftpd | 2025-04-09 | 7.8 HIGH | N/A |
| Buffer overflow in Tiny FTPd 1.4 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long USER command, a different vector than CVE-2000-0133. | |||||
| CVE-2009-2861 | 1 Cisco | 2 Aironet Ap1100, Aironet Ap1200 | 2025-04-09 | 7.3 HIGH | N/A |
| The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | |||||
| CVE-2007-4426 | 1 Live For Speed | 1 Live For Speed | 2025-04-09 | 5.0 MEDIUM | N/A |
| Live for Speed (LFS) S1 and S2 allows remote attackers to cause a denial of service (server crash) via (1) a certain 0x00 byte in a pre-login ID 3 packet, which triggers a NULL dereference; or (2) a pre-login ID 5 packet that lacks certain strings, which triggers an invalid pointer dereference. | |||||
| CVE-2007-1254 | 1 Connectix | 1 Connectix Boards | 2025-04-09 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php. | |||||
| CVE-2007-1973 | 1 Microsoft | 1 Windows Nt | 2025-04-09 | 6.9 MEDIUM | N/A |
| Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206. | |||||
| CVE-2006-6328 | 1 Torrentflux | 1 Torrentflux | 2025-04-09 | 4.9 MEDIUM | N/A |
| Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter. | |||||
| CVE-2007-1176 | 1 Web-app.org | 1 Webapp | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before 0.9.9.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) Gallery Comments pages, (2) Feedback pages, (3) Search Results pages, and (4) the Statistics Log viewer. | |||||
| CVE-2006-5377 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 9.0 HIGH | N/A |
| Unspecified vulnerability in PeopleSoft component in Oracle PeopleSoft Enterprise 8.80 GA, 8.90 GA, 8.8 Bundle 11, and 8.9 Bundle 4 has unknown impact and remote authenticated attack vectors, aka Vuln# PSE05. | |||||
| CVE-2006-6453 | 1 J-owamp | 1 Web Interface | 2025-04-09 | 6.5 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in J-OWAMP Web Interface 2.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the link parameter. | |||||
| CVE-2007-0864 | 1 Lushiwarplaner | 1 Lushiwarplaner | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in register.php in LushiWarPlaner 1.0 allows remote attackers to inject arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-5523 | 1 Ez-ticket | 1 Ez-ticket | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ezt_root_path parameter. | |||||
| CVE-2007-1385 | 1 Joris Guisson | 1 Ktorrent | 2025-04-09 | 7.5 HIGH | N/A |
| chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value. | |||||
| CVE-2007-3358 | 1 Iptel | 1 Serweb | 2025-04-09 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in html/load_lang.php in SerWeb 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter. | |||||
| CVE-2007-2329 | 1 Searchactivity | 1 Searchactivity | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in searchbot.php in Searchactivity allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||
| CVE-2007-0328 | 1 Macrovision | 2 Flexnet Connect, Update Service | 2025-04-09 | 9.3 HIGH | N/A |
| The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method. | |||||
| CVE-2006-7020 | 1 Oliver Georgi | 1 Phpwcms | 2025-04-09 | 7.8 HIGH | N/A |
| CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER). | |||||
| CVE-2007-4388 | 1 2wire | 2 1701hg Router, 2071 Router | 2025-04-09 | 10.0 HIGH | N/A |
| 2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17.5 software, have a blank password by default. | |||||