ReportizFlow
Filtered by vendor
Subscriptions
Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4291 | 1 Ectools | 1 Ectools Onlineshop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) uid parameters. | ||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. | ||||
| CVE-2006-3752 | 1 Professional Home Page Tools | 1 Professional Home Page Tools Guestbook | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters. | ||||
| CVE-2005-3792 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type. | ||||
| CVE-2005-4324 | 1 Hitachi | 1 Groupmax Mail Smtp | 2026-04-16 | N/A |
| Hitachi Groupmax Mail SMTP 06-50 through 06-52-/A and 07-00 through 07-20 allows remote attackers to cause a denial of service (service stop) via an e-mail message with an "invalid format." | ||||
| CVE-2006-4871 | 1 Keyvan1 | 1 Eshoppingpro | 2026-04-16 | N/A |
| SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan Janghorbani) EShoppingPro 1.0 allows remote attackers to execute arbitrary SQL commands via the order parameter. | ||||
| CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2026-04-16 | N/A |
| Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | ||||
| CVE-2006-3759 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related has unspecified impact and attack vectors related to "user group manipulation." | ||||
| CVE-2002-1386 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument. | ||||
| CVE-2001-0224 | 1 Brightstation | 1 Muscat Empower | 2026-04-16 | N/A |
| Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter. | ||||
| CVE-2002-1402 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-1413 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. | ||||
| CVE-2006-3964 | 1 Banex | 1 Banex | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter. | ||||
| CVE-2006-3965 | 1 Banex | 1 Banex | 2026-04-16 | N/A |
| Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords. | ||||
| CVE-2006-3970 | 1 Joomla | 1 Lmo | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2002-1488 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) via a PART message with (1) a missing channel or (2) a channel that the Trillian user is not in. | ||||
| CVE-2006-3972 | 1 Scott Weedon | 1 Ajax Chat | 2026-04-16 | N/A |
| Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. (dot dot) in the chatid parameter. | ||||
| CVE-2001-0242 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. | ||||
| CVE-2002-1489 | 1 Planetdns | 1 Planetweb | 2026-04-16 | N/A |
| Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name. | ||||
| CVE-2000-0897 | 1 Max Feoktistov | 1 Small Http Server | 2026-04-16 | N/A |
| Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed. | ||||