Total
28799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3924 | 1 Randshop | 1 Randshop | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to execute arbitrary SQL commands via the (1) kategorieid and (2) katid parameters. | |||||
| CVE-2006-0250 | 1 Carnegie Mellon University | 1 Snmptrapd | 2024-02-14 | 6.4 MEDIUM | N/A |
| Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162. | |||||
| CVE-2005-0486 | 1 Tarantella | 2 Secure Global Desktop, Tarantella Enterprise | 2024-02-14 | 5.0 MEDIUM | N/A |
| Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme. | |||||
| CVE-2021-38696 | 1 Softvibe | 1 Saraban | 2024-02-14 | 5.0 MEDIUM | 7.5 HIGH |
| SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication. | |||||
| CVE-2006-0311 | 1 Mike Helton | 1 Aoblogger | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in aoblogger 2.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2006-4560 | 1 Microsoft | 1 Ie | 2024-02-14 | 7.5 HIGH | N/A |
| Internet Explorer 6 on Windows XP SP2 allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker and that has a domain name under the attacker's control, which can force the browser to drop DNS pinning and perform a new DNS query for the domain name after the script is already running. | |||||
| CVE-1999-0854 | 1 Infopop | 1 Ultimate Bulletin Board | 2024-02-14 | 5.0 MEDIUM | N/A |
| Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file. | |||||
| CVE-2004-2562 | 1 Leigh Business Enterprises | 1 Web Helpdesk | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises (LBE) Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2002-1477 | 1 The Cacti Group | 1 Cacti | 2024-02-14 | 7.5 HIGH | N/A |
| graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode. | |||||
| CVE-2005-0084 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. | |||||
| CVE-2005-2321 | 1 Calogic | 1 Calogic | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4) mcpi-demo.php. | |||||
| CVE-2004-0176 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors. | |||||
| CVE-2005-3688 | 1 Xmb Forum | 1 Xmb | 2024-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page. | |||||
| CVE-2005-1639 | 1 Atinegar | 1 Sigma Isp Manager | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields. | |||||
| CVE-2006-4532 | 1 Bernard Pacques | 1 Yet Another Community System Cms | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter. | |||||
| CVE-2006-3205 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-14 | 5.0 MEDIUM | N/A |
| Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions. | |||||
| CVE-2005-0765 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash). | |||||
| CVE-2006-1747 | 1 Vwar | 1 Virtual War | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter to (1) admin/admin.php, (2) war.php, (3) stats.php, (4) news.php, (5) joinus.php, (6) challenge.php, (7) calendar.php, (8) member.php, (9) popup.php, and other unspecified scripts in the admin folder. NOTE: these are different attack vectors than CVE-2006-1636 and CVE-2006-1503. | |||||
| CVE-2007-1305 | 1 Savas Place | 1 Savas Guestbook | 2024-02-14 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters. | |||||
| CVE-2005-4747 | 1 Webhost Automation | 1 Helm Web Hosting Control Panel | 2024-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd Helm before 3.2.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors involving the default page. | |||||