ReportizFlow
Filtered by vendor
Subscriptions
Total
29887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4642 | 1 Auditwizard | 1 Auditwizard | 2025-04-03 | N/A |
| AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file. | ||||
| CVE-2000-0069 | 1 Sun | 1 Solstice Backup | 2025-04-03 | N/A |
| The recover program in Solstice Backup allows local users to restore sensitive files. | ||||
| CVE-2000-0104 | 1 Web Express | 1 Shoptron | 2025-04-03 | N/A |
| The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2005-0921 | 1 Microsoft | 1 Outlook Connector | 2025-04-03 | N/A |
| Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. | ||||
| CVE-2000-0135 | 1 Atretail | 1 Atretail | 2025-04-03 | N/A |
| The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2006-4667 | 1 Runcms | 1 Runcms | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php. | ||||
| CVE-2000-0304 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2025-04-03 | N/A |
| Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. | ||||
| CVE-2000-0424 | 1 George Burgyan | 1 Cgi Counter | 2025-04-03 | N/A |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2005-1785 | 1 Zongg | 1 Zongg | 2025-04-03 | N/A |
| SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2005-1528 | 1 Qnx | 1 Rtos | 2025-04-03 | N/A |
| Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library. | ||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2025-04-03 | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | ||||
| CVE-1999-0850 | 1 Endymion | 1 Mailman Webmail | 2025-04-03 | N/A |
| The default permissions for Endymion MailMan allow local users to read email or modify files. | ||||
| CVE-2000-0441 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. | ||||
| CVE-2005-1904 | 1 Jiro | 1 Jiro Upload System | 2025-04-03 | N/A |
| SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2000-0470 | 1 Allegro | 1 Rom Pager | 2025-04-03 | N/A |
| Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request. | ||||
| CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2025-04-03 | N/A |
| xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | ||||
| CVE-2000-0483 | 2 Redhat, Zope | 2 Linux Powertools, Zope | 2025-04-03 | N/A |
| The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization. | ||||
| CVE-2000-0512 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service. | ||||
| CVE-2005-2226 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | N/A |
| Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information. | ||||
| CVE-2005-2217 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2025-04-03 | N/A |
| Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | ||||