ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2570 | 1 Funkboard | 1 Funkboard | 2026-04-16 | N/A |
| FunkBoard 0.66CF, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to forums.php, which reveals the path in an error message. | ||||
| CVE-2005-2584 | 1 Mentor | 1 Adslfr4ii | 2026-04-16 | N/A |
| The web administration interface in Mentor ADSL-FR4II router running firmware 2.00.0111 does not set a default password, which allows local users to gain access. | ||||
| CVE-2005-2917 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). | ||||
| CVE-2005-2650 | 1 Emefa | 1 Emefa Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters. | ||||
| CVE-2005-2652 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php. | ||||
| CVE-2005-2663 | 1 Masqmail | 1 Masqmail | 2026-04-16 | N/A |
| masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file. | ||||
| CVE-2004-1039 | 1 Sco | 2 Openserver, Unixware | 2026-04-16 | N/A |
| The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. | ||||
| CVE-2004-1069 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2026-04-16 | N/A |
| Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function. | ||||
| CVE-2004-1985 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to inject arbitrary HTML or web script via the CPG_URL parameter. | ||||
| CVE-2004-1163 | 1 Cisco | 1 Cns Network Registrar | 2026-04-16 | N/A |
| Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a certain sequence of packets. | ||||
| CVE-2004-1169 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference. | ||||
| CVE-2004-1213 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter. | ||||
| CVE-2004-1232 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename. | ||||
| CVE-2001-1522 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message. | ||||
| CVE-2004-1430 | 1 Ipbproarcade | 1 Ipbproarcade | 2026-04-16 | N/A |
| SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote attackers to execute arbitrary SQL code via the gameid parameter. | ||||
| CVE-2001-1525 | 1 Easyscripts | 1 Easynews | 2026-04-16 | N/A |
| Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter. | ||||
| CVE-2004-1446 | 1 Juniper | 1 Netscreen Screenos | 2026-04-16 | N/A |
| Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. | ||||
| CVE-2004-1467 | 1 Egroupware | 1 Egroupware | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) date or search text field in the calendar module, (2) Field parameter, Filter parameter, QField parameter, Start parameter or Search field in the address module, (3) Subject field in the message module or (4) Subject field in the Ticket module. | ||||
| CVE-2004-1468 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2026-04-16 | N/A |
| The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message. | ||||
| CVE-2004-1470 | 1 Snipsnap | 1 Snipsnap | 2026-04-16 | N/A |
| CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. | ||||