ReportizFlow
Filtered by vendor
Subscriptions
Total
29889 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0142 | 1 Andromeda Software | 1 Andromeda | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in andromeda.php in Andromeda 1.9.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2025-04-03 | N/A |
| Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | ||||
| CVE-2000-1190 | 1 Jon Atkins | 1 Imwheel | 2025-04-03 | N/A |
| imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file. | ||||
| CVE-2005-1952 | 1 Pico Server | 1 Pico Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count. | ||||
| CVE-2005-1953 | 1 Pico Server | 1 Pico Server | 2025-04-03 | N/A |
| Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request. | ||||
| CVE-2000-1195 | 1 Caldera | 2 Openlinux Edesktop, Openlinux Eserver | 2025-04-03 | N/A |
| telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | ||||
| CVE-2005-1954 | 1 Singapore | 1 Singapore | 2025-04-03 | N/A |
| singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message. | ||||
| CVE-2005-1955 | 1 Singapore | 1 Singapore | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. | ||||
| CVE-2006-0168 | 1 Myphpim | 1 Myphpim | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrary web script or HTML via the description field on the "Create New todo" page. | ||||
| CVE-2005-1959 | 1 Jammail | 1 Jammail | 2025-04-03 | N/A |
| jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter. | ||||
| CVE-2005-1960 | 1 C.j. Steele | 1 Tattle | 2025-04-03 | N/A |
| The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries, as demonstrated using shell metacharacters in an FTP username. | ||||
| CVE-2005-1961 | 1 Objectweb | 1 Consortium C-jdbc | 2025-04-03 | N/A |
| Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass intended access restrictions and obtain the cache results from another user. | ||||
| CVE-2006-0201 | 1 Paypal | 1 Php Toolkit | 2025-04-03 | N/A |
| Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50, and possibly earlier versions, allows remote attackers to enter false payment entries into the log file via HTTP POST requests to ipn_success.php. | ||||
| CVE-2005-1967 | 1 Early Impact | 1 Productcart Ecommerce | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ProductCart Ecommerce before 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) idcategory parameter to viewPrd.asp, (2) lid parameter to editCategories.asp, (3) icd parameter to modCustomCardPaymentOpt.asp, or (4) idccr parameter to OptionFieldsEdit.asp. | ||||
| CVE-2005-1971 | 1 Interactivephp | 1 Fusionbb | 2025-04-03 | N/A |
| Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the language parameter. | ||||
| CVE-2000-1211 | 2 Redhat, Zope | 2 Powertools, Zope | 2025-04-03 | N/A |
| Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | ||||
| CVE-2005-1973 | 1 Sun | 1 J2se | 2025-04-03 | N/A |
| Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges. | ||||
| CVE-2006-0234 | 1 Microblog | 1 Microblog | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in microBlog 2.0 RC-10 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. | ||||
| CVE-2005-1992 | 2 Redhat, Yukihiro Matsumoto | 2 Enterprise Linux, Ruby | 2025-04-03 | N/A |
| The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-0242 | 1 Php Fusebox | 1 Php Fusebox | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter. | ||||