ReportizFlow
Filtered by vendor
Subscriptions
Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3337 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 118 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2006-3369 | 1 Iduprey | 1 Kamikaze-qscm | 2026-04-16 | N/A |
| Kamikaze-QSCM 0.1 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration. | ||||
| CVE-2006-3371 | 1 Eupla | 1 Foros | 2026-04-16 | N/A |
| Eupla Foros 1.0 stores the inc/config.inc file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration. | ||||
| CVE-2006-3382 | 1 Mads | 1 Mads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via the "search string". | ||||
| CVE-2006-3399 | 1 Moniwiki | 1 Moniwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki before 1.1.2-20060702 allows remote attackers to inject arbitrary Javascript via the URL, which is reflected back in an error message, a variant of CVE-2004-1632. | ||||
| CVE-2006-3481 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission". | ||||
| CVE-2006-3492 | 1 Mico | 1 Mico | 2026-04-16 | N/A |
| The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and earlier allows remote attackers to cause a denial of service (application crash) via a message with an incorrect "object key", which triggers an assert error. | ||||
| CVE-2006-3538 | 1 Beatificfaith | 1 Eprayer | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in demo.php in BeatificFaith Eprayer Alpha allow remote attackers to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the (1) "Your name" field and (2) "Enter Prayer Request here" field. | ||||
| CVE-2006-4605 | 1 Longino | 1 Jacome Php-revista | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter. | ||||
| CVE-2000-0760 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | ||||
| CVE-2004-0656 | 1 Pureftpd | 1 Pureftpd | 2026-04-16 | N/A |
| The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections. | ||||
| CVE-2001-0135 | 1 Ultrascripts | 1 Ultraboard | 2026-04-16 | N/A |
| The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs. | ||||
| CVE-2001-1020 | 1 Vibechild | 1 Directory Manager | 2026-04-16 | N/A |
| edit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile_name parameter, which is sent unfiltered to the PHP passthru function. | ||||
| CVE-2002-0230 | 1 Faq-o-matic | 1 Faq-o-matic | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message. | ||||
| CVE-2002-0749 | 1 Cgiscript.net | 1 Csmailto | 2026-04-16 | N/A |
| CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field. | ||||
| CVE-2001-0025 | 1 Leif M. Wright | 1 Ad.cgi | 2026-04-16 | N/A |
| ad.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter. | ||||
| CVE-2001-1000 | 1 Merit | 1 Aaa Radius Server | 2026-04-16 | N/A |
| rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file. | ||||
| CVE-2001-1466 | 1 Van Dyke Technologies | 1 Securecrt | 2026-04-16 | N/A |
| Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | ||||
| CVE-2001-0961 | 1 John E. Davis | 1 Most | 2026-04-16 | N/A |
| Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most. | ||||
| CVE-2001-0980 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2026-04-16 | N/A |
| docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page. | ||||