Total
255192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2729 | 1 Jan Chmelik | 1 Photoalbum Bandw | 2024-02-04 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-0562 | 1 Microsoft | 1 Msn Messenger | 2024-02-04 | 7.5 HIGH | N/A |
| GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width. | |||||
| CVE-2006-1804 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. | |||||
| CVE-2006-2296 | 1 Keyvan1.com | 1 Edirectorypro | 2024-02-04 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in search_result.asp in EDirectoryPro 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-1807 | 1 Musicbox | 1 Musicbox | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start parameter in a search action or (2) type parameter in a top action. | |||||
| CVE-2006-3138 | 1 Accomplishtechnology | 1 Phpmydirectory | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyDirectory 10.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PIC parameter in offers-pix.php, (2) from parameter in cp/index.php, and (3) action parameter in cp/admin_index.php. | |||||
| CVE-2005-3797 | 1 Alstrasoft | 1 Template Seller | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter. | |||||
| CVE-2005-3734 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters. | |||||
| CVE-2005-0612 | 1 Cisco | 7 Ipvc-3510-mcu, Ipvc-3520-gw-2b, Ipvc-3520-gw-2b2v and 4 more | 2024-02-04 | 7.5 HIGH | N/A |
| Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration. | |||||
| CVE-2006-0417 | 1 Mywebland | 1 Minibloggie | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters. | |||||
| CVE-2004-1061 | 1 Mozilla | 1 Bugzilla | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter. | |||||
| CVE-2006-0337 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, Internet Gatekeeper and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. | |||||
| CVE-2005-1755 | 1 Php Poll Creator | 1 Php Poll Creator | 2024-02-04 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll Creator 1.01 allows remote attackers to execute arbitrary PHP code via the relativer_pfad parameter. | |||||
| CVE-2006-4373 | 1 Derek Leung | 1 Pslash | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in modules/visitors2/include/config.inc.php in pSlash 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter. | |||||
| CVE-2005-0245 | 1 Postgresql | 1 Postgresql | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247. | |||||
| CVE-2005-0208 | 1 Rob Flynn | 1 Gaim | 2024-02-04 | 5.0 MEDIUM | N/A |
| The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473. | |||||
| CVE-2006-1142 | 1 Solido Systems | 1 Ravenous Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact. | |||||
| CVE-2006-0794 | 1 V-webmail | 1 V-webmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-3347 | 1 Devilz Clanportal | 1 Devilz Clanportal | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-4646 | 1 Pearlinger | 1 Pearl Forums | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||