ReportizFlow
Filtered by vendor
Subscriptions
Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3736 | 1 Coastal Data Management | 1 E-quick Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname parameter in shopmaillist.asp, (3) strpid parameter in shopprojectlogin.asp, and (4) Custname parameter in shoptellafriend.asp. | ||||
| CVE-2005-0318 | 1 Alt-n | 1 Webadmin | 2026-04-16 | N/A |
| useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter. | ||||
| CVE-2005-4468 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. | ||||
| CVE-2005-4517 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php. | ||||
| CVE-2006-2967 | 1 Syworks | 1 Safenet | 2026-04-16 | N/A |
| Syworks SafeNET allows local users to bypass restrictions on network resource consumption by editing the policy.dat file. | ||||
| CVE-2006-3439 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314. | ||||
| CVE-2001-0747 | 1 Iplanet | 1 Iplanet Web Server | 2026-04-16 | N/A |
| Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long method name in an HTTP request. | ||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | ||||
| CVE-2006-3884 | 1 Gonafish | 1 Linkscaffe | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE. | ||||
| CVE-2006-3901 | 1 Tumbleweed | 1 Mailgate Email Firewall | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename. | ||||
| CVE-2001-0754 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | ||||
| CVE-2006-4106 | 1 Blursoft | 1 Blur6ex | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in blursoft blur6ex 0.3 allows remote attackers to inject arbitrary web script or HTML via a comment title. | ||||
| CVE-2006-4020 | 2 Php, Redhat | 4 Php, Enterprise Linux, Rhel Application Stack and 1 more | 2026-04-16 | N/A |
| scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read. | ||||
| CVE-2001-0756 | 1 Virtualcart | 1 Virtualcatalog | 2026-04-16 | N/A |
| CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter. | ||||
| CVE-2006-4127 | 1 Dconnect | 1 Dconnect Daemon | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg() or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c. | ||||
| CVE-2005-1943 | 1 Loki | 1 Loki Download Manager Catgory Version | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp. | ||||
| CVE-2006-4133 | 1 Sap | 1 Internet Graphics Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and earlier, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via an HTTP request with an ADM:GETLOGFILE command and a long portwatcher argument, which triggers the overflow during error message construction when the _snprintf function returns a negative value that is used in a memcpy operation. | ||||
| CVE-2006-4164 | 1 Phpprintanalyzer | 1 Phpprintanalyzer | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/header.inc.php in phpPrintAnalyzer 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ficStyle parameter. | ||||
| CVE-2006-4345 | 1 Digium | 1 Asterisk | 2026-04-16 | N/A |
| Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response. | ||||
| CVE-2006-4452 | 1 Web3king | 1 Web3news | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PHPSECURITYADMIN_PATH parameter. | ||||