ReportizFlow
Filtered by vendor
Subscriptions
Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0275 | 1 Moby | 1 Netsuite Web Server | 2026-04-16 | N/A |
| Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. | ||||
| CVE-2002-1726 | 1 Brokenbytes | 1 Photodb | 2026-04-16 | N/A |
| secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a large Time parameter, non-empty rmtusername and rmtpassword parameter, and an accesslevel parameter that is lower than the access level of the requested page. | ||||
| CVE-2002-1736 | 1 Markus Triska | 1 Cginews | 2026-04-16 | N/A |
| Unknown vulnerability in CGINews before 1.06 allow remote attackers to read arbitrary files via "unfiltered user input." | ||||
| CVE-2006-4044 | 1 Brad Fears | 1 Phpcodecabinet | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUT_PATH parameter. | ||||
| CVE-2006-1989 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers. | ||||
| CVE-2006-4050 | 1 David Walker | 1 Phpautomembersarea | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in auto_check_renewals.php in phpAutoMembersArea (phpAMA) 3.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the installed_config_file parameter. | ||||
| CVE-2002-1759 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files. | ||||
| CVE-2006-4051 | 1 Turnkey Web Tools | 1 Php Live Helper | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in global.php in Turnkey Web Tools PHP Live Helper 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter. | ||||
| CVE-2002-1770 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer. | ||||
| CVE-2002-1788 | 1 Kim Storm | 1 Nn | 2026-04-16 | N/A |
| Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses. | ||||
| CVE-2006-0314 | 1 Pdfdirectory | 1 Pdfdirectory | 2026-04-16 | N/A |
| PDFdirectory before 1.0 stores sensitive data in plaintext, which allows remote attackers to obtain arbitrary users' passwords by direct queries to the database, possibly via one of the SQL injection vulnerabilities. | ||||
| CVE-2006-4058 | 1 Simplog | 1 Simplog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in archive.php in Simplog 0.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyw parameter when performing a search. NOTE: some details are obtained from third party information. | ||||
| CVE-2002-1837 | 1 Ids | 1 Ids | 2026-04-16 | N/A |
| The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not. | ||||
| CVE-2002-1952 | 1 Phprank | 1 Phprank | 2026-04-16 | N/A |
| phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable. | ||||
| CVE-2003-1293 | 1 Nukedweb | 1 Guestbookhost | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. | ||||
| CVE-2003-1302 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | ||||
| CVE-2003-1399 | 1 Eject | 1 Eject | 2026-04-16 | N/A |
| eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information. | ||||
| CVE-2004-0528 | 1 Netscape | 1 Navigator | 2026-04-16 | N/A |
| Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | ||||
| CVE-2004-0538 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user. | ||||
| CVE-2003-1509 | 1 Realnetworks | 2 Realone Enterprise Desktop, Realone Player | 2026-04-16 | N/A |
| Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | ||||