ReportizFlow
Filtered by vendor
Subscriptions
Total
29885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2668 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | N/A |
| SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2006-3922 | 1 Portailphp | 1 Portailphp | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | ||||
| CVE-2006-4794 | 1 E107 | 1 E107 | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2003-0909 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
| Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability." | ||||
| CVE-2005-0553 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". | ||||
| CVE-2004-2667 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-1999-1293 | 1 Apache | 1 Http Server | 2025-04-03 | N/A |
| mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | ||||
| CVE-2003-0294 | 1 Php-proxima | 1 Php-proxima | 2025-04-03 | N/A |
| autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. | ||||
| CVE-1999-0308 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| HP-UX gwind program allows users to modify arbitrary files. | ||||
| CVE-1999-1146 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges. | ||||
| CVE-2004-1405 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | N/A |
| MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | ||||
| CVE-2006-4847 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2025-04-03 | N/A |
| Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands. | ||||
| CVE-2001-0693 | 1 Webtrends | 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt | 2025-04-03 | N/A |
| WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). | ||||
| CVE-2002-0410 | 1 Aeromail | 1 Aeromail | 2025-04-03 | N/A |
| send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded. | ||||
| CVE-2006-4370 | 1 Alt-n | 1 Webadmin | 2025-04-03 | N/A |
| Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file. | ||||
| CVE-2006-4376 | 1 Guder Und Koch Netzwerktechnik | 1 Eichhorn Portal | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module. | ||||
| CVE-2005-1105 | 1 Sun | 1 Javamail | 2025-04-03 | N/A |
| Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in the Content-Disposition header. | ||||
| CVE-2005-1185 | 1 Musicmatch | 1 Jukebox | 2025-04-03 | N/A |
| Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe. | ||||
| CVE-2004-2120 | 1 Reptile Web Server | 1 Reptile Web Server | 2025-04-03 | N/A |
| Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET requests without the HTTP version. | ||||
| CVE-2003-0717 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Me and 2 more | 2025-04-03 | N/A |
| The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||