ReportizFlow
Filtered by vendor
Subscriptions
Total
29887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2267 | 1 Kerio | 1 Winroute Firewall | 2025-04-03 | N/A |
| Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors in the "email protocol inspectors," possibly (1) SMTP and (2) POP3. | ||||
| CVE-1999-1346 | 1 Redhat | 1 Linux | 2025-04-03 | N/A |
| PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. | ||||
| CVE-2000-0444 | 1 Hp | 1 Jetadmin | 2025-04-03 | N/A |
| HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000. | ||||
| CVE-2006-2340 | 1 Lethal Penguin | 2 Passmasterflex, Passmasterflexplus | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password, or (3) User-Agent HTTP header in the Hack Log. | ||||
| CVE-2006-2359 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2006-2397 | 1 Gphotos | 1 Gphotos | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) rep parameter to (a) index.php or (b) diapo.php or (2) image parameter to (c) affich.php. NOTE: item 1a might be resultant from directory traversal. | ||||
| CVE-1999-1367 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. | ||||
| CVE-1999-1378 | 1 Dbmlparser.exe | 1 Dbmlparser.exe | 2025-04-03 | N/A |
| dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files. | ||||
| CVE-2006-2486 | 1 Yapbb | 1 Yapbb | 2025-04-03 | N/A |
| SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter. | ||||
| CVE-2006-2542 | 1 Ti Kan | 1 Xmcd | 2025-04-03 | N/A |
| xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumption). | ||||
| CVE-2006-2576 | 1 Docebo | 1 Docebo | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) lib.simplesel.php, (b) lib.filelist.php, (c) tree.documents.php, (d) lib.repo.php, and (e) lib.php, and (2) GLOBALS[where_scs] to (f) lib.teleskill.php. NOTE: this issue might be resultant from a global overwrite vulnerability. | ||||
| CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2025-04-03 | N/A |
| Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | ||||
| CVE-2006-2677 | 1 Sitescape | 1 Sitescape Forum | 2025-04-03 | N/A |
| SiteScape Forum 7.2 and possibly earlier stores the avf.rc configuraiton file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive path information. | ||||
| CVE-2006-2703 | 1 Suse | 1 Suse Linux | 2025-04-03 | N/A |
| The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. | ||||
| CVE-2006-2720 | 1 Variomat | 1 Variomat | 2025-04-03 | N/A |
| SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the subcat parameter. | ||||
| CVE-1999-1458 | 1 Digital | 1 Unix | 2025-04-03 | N/A |
| Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2006-2743 | 1 Drupal | 1 Drupal | 2025-04-03 | N/A |
| Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory. | ||||
| CVE-2000-0425 | 1 Lsoft | 1 Listserv | 2025-04-03 | N/A |
| Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-2768 | 1 Ipw Systems | 1 Metajour | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in METAjour 2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) system_path parameter in a large number of files in the (a) app/edocument/, (b) app/eproject/, (c) app/erek/, and (d) extension/ directories, and the (2) GLOBALS[system_path] parameter in (e) extension/sitemap/sitemap.datatype.php. | ||||
| CVE-1999-1485 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system. | ||||