Total
254240 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0606 | 1 Infoblox | 1 Dns One Appliance | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to execute arbitrary scripts as other users via the (1) CLIENTID or (2) HOSTNAME option of a DHCP request. | |||||
CVE-2002-1465 | 1 Cafelog | 1 B2 | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable. | |||||
CVE-2002-1598 | 1 Broadcom | 1 Mlink | 2024-02-04 | 4.6 MEDIUM | N/A |
Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock. | |||||
CVE-2002-2168 | 1 Thorsten Korner | 1 123tkshop | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php. | |||||
CVE-2002-1142 | 1 Microsoft | 3 Data Access Components, Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub. | |||||
CVE-2004-1906 | 1 Mcafee | 1 Freescan | 2024-02-04 | 5.0 MEDIUM | N/A |
Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow. | |||||
CVE-1999-0897 | 1 Apple | 1 Ichat Server | 2024-02-04 | 5.0 MEDIUM | N/A |
iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2002-0454 | 1 Qualcomm | 1 Qpopper | 2024-02-04 | 5.0 MEDIUM | N/A |
Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. | |||||
CVE-2003-0789 | 1 Apache | 1 Http Server | 2024-02-04 | 10.0 HIGH | N/A |
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. | |||||
CVE-2004-0648 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2024-02-04 | 10.0 HIGH | N/A |
Mozilla (Suite) before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol. | |||||
CVE-2004-1848 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ipswitch Ws Ftp Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. | |||||
CVE-2003-1317 | 1 Endonesia | 1 Endonesia | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2001-0874 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. | |||||
CVE-2004-1839 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 5.0 MEDIUM | N/A |
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message. | |||||
CVE-2002-0752 | 1 Cgiscript.net | 1 Csmailto | 2024-02-04 | 5.0 MEDIUM | N/A |
CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file. | |||||
CVE-2004-2018 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code. | |||||
CVE-2003-0475 | 1 Ashley Brown | 1 Iweb Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than CVE-2003-0474. | |||||
CVE-2002-0584 | 1 Workforceroi | 1 Xpede | 2024-02-04 | 5.0 MEDIUM | N/A |
WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet. | |||||
CVE-2000-1089 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. | |||||
CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in INN inews program. |