ReportizFlow
Filtered by vendor
Subscriptions
Total
29891 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4081 | 1 Alisveristr | 1 Alisveristr E-commerce | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages. | ||||
| CVE-2005-0693 | 1 Jowood Productions | 1 Chaser | 2025-04-03 | N/A |
| Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | ||||
| CVE-2004-1124 | 1 Sco | 2 Openserver, Unixware | 2025-04-03 | N/A |
| Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. | ||||
| CVE-2005-4174 | 1 Efiction Project | 1 Efiction | 2025-04-03 | N/A |
| eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow remote attackers to conduct unauthorized operations by directly accessing (1) install.php or (2) upgrade.php. NOTE: it is unclear whether this is a vulnerability in eFiction itself or the result of incorrect system administration practices, e.g. by not removing utility scripts once they have been used. | ||||
| CVE-2005-0911 | 1 E-xoops | 1 E-xoops | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php. | ||||
| CVE-2005-0924 | 1 Adventia | 1 E-data | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword. | ||||
| CVE-2005-0958 | 1 Yepyep | 1 Mtftpd | 2025-04-03 | N/A |
| Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command. | ||||
| CVE-2004-1131 | 1 Sco | 1 Openserver | 2025-04-03 | N/A |
| Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments. | ||||
| CVE-2005-4285 | 1 Dick Copits | 1 Pdestore | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters. | ||||
| CVE-2006-0513 | 1 Ibm | 1 Tivoli Access Manager For E-business | 2025-04-03 | N/A |
| Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | ||||
| CVE-2005-0982 | 1 Yet Another Forum.net | 1 Yet Another Forum.net | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, or (3) Subject field. | ||||
| CVE-2005-3910 | 1 Post Affiliate Pro | 1 Post Affiliate Pro | 2025-04-03 | N/A |
| merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability. | ||||
| CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2025-04-03 | N/A |
| Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | ||||
| CVE-2005-1003 | 1 Profitcode | 1 Payprocart | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. (dot dot) sequences in the modID parameter. | ||||
| CVE-2005-4369 | 1 The Collective | 1 Acuity Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly strSearchKeywords to browse.asp. | ||||
| CVE-2005-1050 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | N/A |
| The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message. | ||||
| CVE-2004-1891 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. | ||||
| CVE-2005-1117 | 1 All4www | 1 All4www-homepagecreator | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in index.php in All4WWW-Homepagecreator 1.0a allows remote attackers to execute arbitrary PHP code by modifying the site parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-4416 | 1 Tml | 1 Tml | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in TML CMS 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||