ReportizFlow
Filtered by vendor
Subscriptions
Total
29897 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4276 | 1 Westell | 1 Versalink | 2026-04-16 | N/A |
| Westell Versalink 327W allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information. | ||||
| CVE-2001-0829 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message. | ||||
| CVE-2005-4282 | 1 Zaygo | 1 Domaincart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML, possibly via the root parameter to zaygo.cgi. | ||||
| CVE-2005-4287 | 1 Marmaraweb | 1 Marmaraweb E-commerce | 2026-04-16 | N/A |
| PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php. | ||||
| CVE-2005-4291 | 1 Ectools | 1 Ectools Onlineshop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) uid parameters. | ||||
| CVE-2001-0527 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2026-04-16 | N/A |
| DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database. | ||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. | ||||
| CVE-2006-3752 | 1 Professional Home Page Tools | 1 Professional Home Page Tools Guestbook | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters. | ||||
| CVE-2005-4324 | 1 Hitachi | 1 Groupmax Mail Smtp | 2026-04-16 | N/A |
| Hitachi Groupmax Mail SMTP 06-50 through 06-52-/A and 07-00 through 07-20 allows remote attackers to cause a denial of service (service stop) via an e-mail message with an "invalid format." | ||||
| CVE-2005-3792 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type. | ||||
| CVE-2006-4871 | 1 Keyvan1 | 1 Eshoppingpro | 2026-04-16 | N/A |
| SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan Janghorbani) EShoppingPro 1.0 allows remote attackers to execute arbitrary SQL commands via the order parameter. | ||||
| CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2026-04-16 | N/A |
| Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | ||||
| CVE-2006-3759 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related has unspecified impact and attack vectors related to "user group manipulation." | ||||
| CVE-2005-4341 | 1 Blackboard | 1 Academic Suite | 2026-04-16 | N/A |
| Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this might not be an exposure. | ||||
| CVE-2005-4344 | 1 Macromedia | 1 Coldfusion | 2026-04-16 | N/A |
| Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration. | ||||
| CVE-2006-3770 | 1 Phpfaber | 1 Topsites | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) i_cat or (2) method parameters. | ||||
| CVE-2005-4351 | 4 Dragonfly, Freebsd, Linux and 1 more | 4 Dragonfly, Freebsd, Linux Kernel and 1 more | 2026-04-16 | N/A |
| The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. | ||||
| CVE-2006-3566 | 1 Hivemail | 1 Hivemail | 2026-04-16 | N/A |
| search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters. | ||||
| CVE-2001-1002 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands. | ||||
| CVE-2001-1003 | 1 Webct | 1 Respondus | 2026-04-16 | N/A |
| Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges. | ||||