Total
28799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6028 | 1 Anton Vlasov | 1 Dosepa | 2024-02-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in textview.php in Anton Vlasov DoSePa 1.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence or absolute file path in the file parameter. | |||||
| CVE-2005-0704 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | |||||
| CVE-2006-7092 | 1 Mamboxchange | 1 Laithai | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter. | |||||
| CVE-2000-0583 | 1 Inter7 | 1 Vpopmail Vchkpw | 2024-02-14 | 5.0 MEDIUM | N/A |
| vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives. | |||||
| CVE-2005-1949 | 1 E107 | 1 E107 | 2024-02-14 | 7.5 HIGH | N/A |
| The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the eping_host parameter. | |||||
| CVE-2006-6090 | 1 Baalasp | 1 Smart Form Portal | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BaalAsp forum allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to (a) adminlogin.asp, the (2) name or (3) password parameter to (b) userlogin.asp, or the (3) search parameter to search.asp. | |||||
| CVE-2005-1457 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash). | |||||
| CVE-2002-1478 | 1 The Cacti Group | 1 Cacti | 2024-02-14 | 10.0 HIGH | N/A |
| Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode. | |||||
| CVE-2006-4613 | 1 Securecomputing | 4 Snapgear Sg560, Snapgear Sg565, Snapgear Sg580 and 1 more | 2024-02-14 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow remote attackers to cause a denial of service via unspecified vectors involving (1) IPSec replay windows and (2) the use of vulnerable versions of ClamAV before 0.88.4. NOTE: it is possible that vector 2 is related to CVE-2006-4018. | |||||
| CVE-2006-3208 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-14 | 6.5 MEDIUM | N/A |
| Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configuration fields" in (1) admin_chatconfig.php, (2) admin_configcss.php, (3) admin_config.php, or (4) admin_config2.php, which are stored as configuration settings. NOTE: this issue can be exploited by remote attackers by leveraging other vulnerabilities in UPB. | |||||
| CVE-2002-0822 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump. | |||||
| CVE-2006-5765 | 1 Article Script | 1 Article Script | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in rss.php in Article Script 1.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2024-02-14 | 10.0 HIGH | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | |||||
| CVE-2005-3651 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets. | |||||
| CVE-2004-0504 | 2 Ethereal Group, Sgi | 2 Ethereal, Propack | 2024-02-14 | 5.0 MEDIUM | N/A |
| Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients. | |||||
| CVE-2006-0587 | 1 Gallery Project | 1 Gallery | 2024-02-14 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file. | |||||
| CVE-2005-2366 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows remote attackers to cause a denial of service (abort or infinite loop) via unknown attack vectors. | |||||
| CVE-2006-5844 | 1 Speedywiki | 1 Speedywiki | 2024-02-14 | 5.0 MEDIUM | N/A |
| Speedywiki 2.0 allows remote attackers to obtain the full path of the web server via the (1) showRevisions[] and (2) searchText[] parameters in (a) index.php, and (b) a direct request to upload.php without any parameters. | |||||
| CVE-2002-1356 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 7.5 HIGH | N/A |
| Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possibly related to a missing field for EndVerifyAck messages. | |||||
| CVE-2007-4094 | 1 Idevspot | 1 Phphostbot | 2024-02-14 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in library/authorize.php in IDevSpot PhpHostBot allows remote attackers to execute arbitrary PHP code via a URL in the login_form parameter, a different vector than CVE-2006-3776. | |||||