ReportizFlow
Filtered by vendor
Subscriptions
Total
29930 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0297 | 1 Nombas | 1 Scriptease Webserver | 2026-04-16 | N/A |
| Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. | ||||
| CVE-2006-3183 | 1 Mobescripts | 1 Mobile Space Community | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MobeScripts Mobile Space Community 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) browse parameter, which is not filtered in the resulting error message, and multiple unspecified input fields, including those involved when (2) updating a profile, (3) posting comments or entries in a blog, (4) uploading files, (5) picture captions, and (6) sending a private message (PM). | ||||
| CVE-2002-0304 | 1 Summit Computer Networks | 1 Lil Http Server | 2026-04-16 | N/A |
| Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request. | ||||
| CVE-2002-0308 | 1 Stefan Holmberg | 1 Admentor | 2026-04-16 | N/A |
| admin.asp in AdMentor 2.11 allows remote attackers to bypass authentication and gain privileges via a SQL injection attack on the Login and Password arguments. | ||||
| CVE-2006-3186 | 1 Cms Faethon | 1 Cms Faethon | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3.2 allow remote attackers to inject arbitrary web script or HTML via the mainpath parameter to (1) data/footer.php and (2) admin/header.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3194 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter. | ||||
| CVE-2006-3222 | 1 Fortinet | 1 Fortios | 2026-04-16 | N/A |
| The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode. | ||||
| CVE-2006-3230 | 1 Azureus Tracker | 1 Azureus Tracker | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus Tracker 2.4.0.2 and earlier (Java BitTorrent Client Tracker) allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2006-3238 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php. | ||||
| CVE-2002-0326 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript. | ||||
| CVE-2002-0328 | 1 Ikonboard.com | 1 Ikonboard | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag. | ||||
| CVE-2002-0334 | 1 Xtell | 1 Xtell | 2026-04-16 | N/A |
| xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | ||||
| CVE-2002-0336 | 1 Galacticomm Technologies | 2 Worldgroup, Worldgroup Lite Personal Server | 2026-04-16 | N/A |
| Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large number of / (slash), * (wildcard), and .. characters. | ||||
| CVE-2002-0341 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. | ||||
| CVE-2002-0344 | 1 Symantec | 1 Liveupdate | 2026-04-16 | N/A |
| Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | ||||
| CVE-2006-3249 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the vendor has disputed this report, stating "If a non positive integer or non-integer is used for the page parameter for a search URL, the search query will use a negative number for the LIMIT clause. This causes the query to break, showing no results. It IS NOT however a sql injection error." While the original report is from a researcher with mixed accuracy, as of 20060703, CVE does not have any additional information regarding this issue | ||||
| CVE-2006-3264 | 1 Namo | 1 Deepsearch | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo DeepSearch 4.5 allows remote attackers to inject arbitrary web script or HTML via the p parameter. | ||||
| CVE-2002-0346 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to (1) service.cgi or (2) alert.cgi. | ||||
| CVE-2002-0350 | 1 Hp | 1 Procurve Switch 4000m | 2026-04-16 | N/A |
| HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | ||||
| CVE-2002-0376 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. | ||||