ReportizFlow
Filtered by vendor
Subscriptions
Total
29926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1171 | 1 Datenbank Module | 1 Datenbank Module | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2006-0776 | 1 Teca Scripts | 1 Guestex | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||
| CVE-2005-2635 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) layerstyle parameter to adlayer.php or (2) language parameter to js-form.php. | ||||
| CVE-2005-3560 | 1 Zonelabs | 4 Zonealarm, Zonealarm Anti-spyware, Zonealarm Antivirus and 1 more | 2026-04-16 | N/A |
| Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. | ||||
| CVE-1999-0420 | 1 Netbsd | 1 Umapfs | 2026-04-16 | N/A |
| umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. | ||||
| CVE-1999-0423 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. | ||||
| CVE-2005-3582 | 1 Imagemagick | 1 Imagemagick | 2026-04-16 | N/A |
| ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | ||||
| CVE-2005-3584 | 1 Phpwebthings | 1 Phpwebthings | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to inject arbitrary web script or HTML via the forum parameter. | ||||
| CVE-2005-3585 | 1 Phpwebthings | 1 Phpwebthings | 2026-04-16 | N/A |
| SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | ||||
| CVE-2005-3587 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors. | ||||
| CVE-2004-1076 | 2 Atari800, Debian | 2 Atari800, Debian Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. | ||||
| CVE-2005-1188 | 1 Comersus Open Technologies | 1 Comersus Cart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter. | ||||
| CVE-2005-1191 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2026-04-16 | N/A |
| The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly filter an apostrophe ("'") in the author name in a document, which allows attackers to execute arbitrary script via extra attributes when Web View constructs a mailto: link for the preview pane when the user selects the file. | ||||
| CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2026-04-16 | N/A |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | ||||
| CVE-2005-1297 | 1 Include.cgi | 1 Include.cgi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | ||||
| CVE-2005-1322 | 1 Horde | 1 Nag | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | ||||
| CVE-2005-1402 | 1 Mtp-target | 1 Mtp-target | 2026-04-16 | N/A |
| Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison. | ||||
| CVE-2005-1424 | 1 Stumbleinside | 1 Gotext | 2026-04-16 | N/A |
| StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | ||||
| CVE-2005-1427 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb. | ||||
| CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | ||||