ReportizFlow
Filtered by vendor
Subscriptions
Total
29899 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1592 | 1 Birdblog | 1 Birdblog | 2026-04-16 | N/A |
| Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. | ||||
| CVE-2005-1595 | 1 Codethat | 1 Shoppingcart | 2026-04-16 | N/A |
| CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request. | ||||
| CVE-2005-1600 | 1 Libtomcrypt | 1 Libtomcrypt | 2026-04-16 | N/A |
| A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key. | ||||
| CVE-2005-4556 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2026-04-16 | N/A |
| PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the (1) lang_settings and (2) language parameters in (a) accounts/inc/include.php and (b) admin/inc/include.php. | ||||
| CVE-2005-1615 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability. | ||||
| CVE-2006-2643 | 1 Circle R | 1 Monster Top List | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter. | ||||
| CVE-2005-1617 | 1 Willings | 2 Webcam, Webcam Lite | 2026-04-16 | N/A |
| Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information. | ||||
| CVE-2006-2650 | 1 Cosmicphp | 1 Cosmicshoppingcart | 2026-04-16 | N/A |
| SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary SQL commands via the max parameter. | ||||
| CVE-2006-2654 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier. | ||||
| CVE-2005-1639 | 1 Atinegar | 1 Sigma Isp Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields. | ||||
| CVE-2006-2662 | 1 Vmware | 1 Server | 2026-04-16 | N/A |
| VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges. | ||||
| CVE-2005-1645 | 1 Keyvan1 | 1 Imagegallery | 2026-04-16 | N/A |
| Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-1651 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm parameter. | ||||
| CVE-2005-4615 | 1 Dapperdesk | 1 Dapperdesk | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in DapperDesk 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2006-2664 | 1 Ifdate.com | 1 Ifdate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password fields, or certain other input text boxes. | ||||
| CVE-2005-1659 | 1 Myserver | 1 Myserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. | ||||
| CVE-2005-1661 | 1 Jeuce | 1 Jeuce Personal Web Server | 2026-04-16 | N/A |
| Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) via a long GET request, possibly triggering a buffer overflow. | ||||
| CVE-2005-1922 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. | ||||
| CVE-2006-0142 | 1 Andromeda Software | 1 Andromeda | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda 1.9.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-1952 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count. | ||||