Total
254016 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0436 | 1 Mnogosearch | 1 Mnogosearch | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter. | |||||
CVE-2002-2255 | 1 Phpbb | 1 Phpbb | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. | |||||
CVE-2003-1342 | 2 Microsoft, Trend Micro | 2 Internet Information Server, Virus Control System | 2024-02-04 | 5.0 MEDIUM | N/A |
Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | |||||
CVE-2002-2145 | 1 Savant | 1 Savant Webserver | 2024-02-04 | 7.5 HIGH | N/A |
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename. | |||||
CVE-1999-0260 | 1 Renaud Deraison | 1 Jj | 2024-02-04 | 7.5 HIGH | N/A |
The jj CGI program allows command execution via shell metacharacters. | |||||
CVE-2002-0249 | 1 Apache | 1 Http Server | 2024-02-04 | 5.0 MEDIUM | N/A |
PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message. | |||||
CVE-1999-0595 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-04 | 2.1 LOW | N/A |
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | |||||
CVE-2003-1314 | 1 Eternalmart | 1 Eternalmart Guestbook | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgb_admin_path parameter. | |||||
CVE-2003-1350 | 1 List Site Pro | 1 List Site Pro | 2024-02-04 | 4.3 MEDIUM | N/A |
List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field. | |||||
CVE-1999-1459 | 1 Bmc | 1 Patrol Agent | 2024-02-04 | 7.2 HIGH | N/A |
BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file. | |||||
CVE-1999-1245 | 1 Ucd-snmp | 1 Ucd-snmp | 2024-02-04 | 5.0 MEDIUM | N/A |
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information. | |||||
CVE-2004-2181 | 1 Wowbb | 1 Wowbb Web Forum | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. NOTE: the sort_by vector was later reported to be present in WowBB 1.65. | |||||
CVE-2003-1261 | 1 Globalscape | 1 Cuteftp | 2024-02-04 | 2.1 LOW | N/A |
Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | |||||
CVE-2001-1083 | 1 Icecast | 1 Icecast | 2024-02-04 | 5.0 MEDIUM | N/A |
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | |||||
CVE-1999-0881 | 1 Blueface | 1 Falcon Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-1999-0733 | 1 Vmware | 1 Workstation | 2024-02-04 | 7.2 HIGH | N/A |
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. | |||||
CVE-1999-1506 | 1 Sun | 1 Sunos | 2024-02-04 | 7.5 HIGH | N/A |
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin. | |||||
CVE-2000-0919 | 1 Phpix | 1 Phpix | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2002-2040 | 1 Qnx | 1 Rtos | 2024-02-04 | 7.2 HIGH | N/A |
The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program. | |||||
CVE-2002-1525 | 2 Astaware, Sun | 2 Searchdisc, Sunone Starter Kit | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on port (1) 6015 or (2) 6016, or (3) an absolute pathname to port 6017. |