Total
28764 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1786 | 1 Funkyasp | 1 Funkyasp Ad System | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password parameter. | |||||
| CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2024-02-14 | 2.1 LOW | N/A |
| The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
| CVE-2007-1305 | 1 Savas Place | 1 Savas Guestbook | 2024-02-14 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters. | |||||
| CVE-2006-7092 | 1 Mamboxchange | 1 Laithai | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in includes/mambo.php in Mambo LaiThai 4.5.4 SP2 and earlier allows remote attackers to execute arbitrary SQL commands via the usercookie[password] cookie parameter. | |||||
| CVE-2002-0211 | 1 Tarantella | 1 Tarantella Enterprise | 2024-02-14 | 6.2 MEDIUM | N/A |
| Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed. | |||||
| CVE-2005-1161 | 1 Oneworldstore | 1 Oneworldstore | 2024-02-14 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp. | |||||
| CVE-2002-0404 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2006-1585 | 1 3dsrc | 1 Monalbum | 2024-02-14 | 6.4 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php. | |||||
| CVE-2005-0827 | 3 Ciamos, E-xoops, Runcms | 3 Ciamos, E-xoops, Runcms | 2024-02-14 | 5.0 MEDIUM | N/A |
| Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message. | |||||
| CVE-2006-1202 | 1 Jcink.com | 1 Textfilebb | 2024-02-14 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mess and (2) user parameters in messanger.php, possibly requiring a URL encoded value. | |||||
| CVE-2005-1469 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. | |||||
| CVE-2004-2021 | 1 Oscommerce | 1 Oscommerce | 2024-02-14 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument. | |||||
| CVE-2005-1047 | 1 Phpbb Group | 1 Phpbb | 2024-02-14 | 7.5 HIGH | N/A |
| Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory. | |||||
| CVE-2006-5236 | 1 4homepages | 1 4images | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter. | |||||
| CVE-2005-3264 | 1 Zeroblog | 1 Zeroblog | 2024-02-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter. | |||||
| CVE-2005-1457 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash). | |||||
| CVE-2004-1139 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). | |||||
| CVE-2005-2360 | 1 Ethereal Group | 1 Ethereal | 2024-02-14 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through 0.10.11 allows remote attackers to cause a denial of service (free static memory and application crash) via unknown attack vectors. | |||||
| CVE-2006-5184 | 1 Pkr Internet | 1 Taskjitsu | 2024-02-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PKR Internet Taskjitsu before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the key parameter, when the limit query parameter is set to customerid. | |||||
| CVE-2006-4889 | 1 Telekorn | 1 Signkorn Guestbook | 2024-02-14 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functions.gb.php, (3) includes/functions.admin.php, (4) includes/admin.inc.php, (5) help.php, (6) smile.php, (7) entry.php; (8) adminhelp0.php, (9) adminhelp1.php, (10) adminhelp2.php, and (11) adminhelp3.php in (a) help/en and (b) help/de directories; and the (12) preview.php, (13) log.php, (14) index.php, (15) config.php, and (16) admin.php in the (c) admin directory, a different set of vectors than CVE-2006-4788. | |||||