ReportizFlow
Filtered by vendor
Subscriptions
Total
29885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1052 | 1 Emergenices Personnel Information System | 1 Empris | 2025-04-03 | N/A |
| Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2006-3333 | 1 Phpoutsourcing | 1 Zorum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection. | ||||
| CVE-2006-2653 | 1 D-link | 1 Dsa-3100 Airspot Gateway | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. | ||||
| CVE-2001-1051 | 1 Dark Hart Portal | 1 Darkportal-unix | 2025-04-03 | N/A |
| Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1031 | 1 Charles Clark | 1 Meteor Ftpd | 2025-04-03 | N/A |
| Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command. | ||||
| CVE-2001-1021 | 1 Progress | 1 Ws Ftp Server | 2025-04-03 | N/A |
| Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD. | ||||
| CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2025-04-03 | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | ||||
| CVE-1999-1465 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | ||||
| CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2025-04-03 | N/A |
| Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | ||||
| CVE-2006-3336 | 1 Twiki | 1 Twiki | 2025-04-03 | N/A |
| TWiki 01-Dec-2000 up to 4.0.3 allows remote attackers to bypass the upload filter and execute arbitrary code via filenames with double extensions such as ".php.en", ".php.1", and other allowed extensions that are not .txt. NOTE: this is only a vulnerability when the server allows script execution in the pub directory. | ||||
| CVE-2001-0919 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 5.50.4134.0100 on Windows ME with "Prompt to allow cookies to be stored on your machine" enabled does not warn a user when a cookie is set using Javascript. | ||||
| CVE-2001-0908 | 1 Citrix | 1 Metaframe | 2025-04-03 | N/A |
| CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT). | ||||
| CVE-2001-0897 | 1 Infopop | 1 Ultimate Bulletin Board | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board (UBB) before 5.47e allows remote attackers to steal user cookies via an [IMG] tag that references an about: URL with an onerror field. | ||||
| CVE-2001-0822 | 1 Packet Knights | 1 Fpf Linux Kernel Module | 2025-04-03 | N/A |
| FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets. | ||||
| CVE-2001-0821 | 1 Dcscripts | 1 Dcshop | 2025-04-03 | N/A |
| The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt. | ||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2025-04-03 | N/A |
| Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | ||||
| CVE-2001-0720 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. | ||||
| CVE-2001-0734 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine. | ||||
| CVE-2001-0711 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | ||||
| CVE-2001-0710 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | N/A |
| NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | ||||