Total
28799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3243 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector. | |||||
| CVE-2006-4864 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the RP_PATH parameter. | |||||
| CVE-2006-6153 | 1 Vspin.net | 1 Classified System | 2024-02-14 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp. | |||||
| CVE-2006-5184 | 1 Pkr Internet | 1 Taskjitsu | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PKR Internet Taskjitsu before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the key parameter, when the limit query parameter is set to customerid. | |||||
| CVE-2005-3475 | 1 Hasbani Web Server | 1 Hasbani Web Server | 2024-02-14 | 5.0 MEDIUM | N/A |
| Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop) via HTTP crafted GET requests. | |||||
| CVE-2003-0925 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. | |||||
| CVE-2004-1333 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2024-02-14 | 2.1 LOW | N/A |
| Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. | |||||
| CVE-2006-1954 | 1 Nfec.de | 1 Rechnungszentrale | 2024-02-14 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the User field. | |||||
| CVE-2012-4036 | 1 Pbboard | 1 Pbboard | 2024-02-14 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2012-1216. | |||||
| CVE-2004-1335 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2024-02-14 | 2.1 LOW | N/A |
| Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | |||||
| CVE-2006-6132 | 1 Softacid | 1 Link Exchange Lite | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbitrary SQL commands via (1) the search engine field to search.asp and (2) psearch parameter to linkslist.asp. | |||||
| CVE-2005-2166 | 1 Frozenplague.net | 1 Plague News System | 2024-02-14 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in index.php in Plague News System 0.6 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2008-4728 | 1 Hummingbird | 1 Deployment Wizard | 2024-02-14 | 9.3 HIGH | N/A |
| Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders. | |||||
| CVE-2005-2361 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethereal 0.8.19 through 0.10.11 allows remote attackers to cause a denial of service (application crash or abort) via unknown attack vectors. | |||||
| CVE-2005-1910 | 1 Wwweb Concepts | 1 Events System | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the password. | |||||
| CVE-2007-2380 | 1 Microsoft | 1 Atlas Framework | 2024-02-14 | 5.0 MEDIUM | N/A |
| The Microsoft Atlas framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking." | |||||
| CVE-2005-3968 | 1 Phpx | 1 Phpx | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier allows remote attackers to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter. | |||||
| CVE-2006-5761 | 1 Rhadrix | 1 If-cms | 2024-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Rhadrix If-CMS 1.01 and 2.07 allows remote attackers to inject arbitrary web script or HTML via the rns parameter. | |||||
| CVE-2004-2364 | 1 Phpx | 1 Phpx | 2024-02-14 | 5.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php. | |||||
| CVE-2013-6227 | 2 Ajaxplorer, Pydio | 2 Ajaxplorer, Pydio | 2024-02-14 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho plugin in Pydio (formerly AjaXplorer) before 5.0.4 allows remote attackers to execute arbitrary code by uploading an executable file, and then accessing this file at a location specified by the format parameter of a move operation. | |||||