ReportizFlow
Filtered by vendor
Subscriptions
Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1002 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | ||||
| CVE-2004-0078 | 2 Mutt, Redhat | 3 Mutt, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | ||||
| CVE-2005-3999 | 1 Sitebeater | 1 Sitebeater Mp3 Catalog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2005-4003 | 1 Asps | 1 Shopping Cart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Absolute Shopping Package Solutions (ASPS) Shopping Cart Professional 2.9d and earlier, and Lite 2.1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) srch_product_name parameter to adv_search.asp and (2) b_search parameter to bsearch.asp. NOTE: the original disclosure was specifically only for an XSS issue, but the CVE description was for SQL injection. Since the original disclosure, SQL injection vectors have been reported. This CVE might be REJECTed or significantly altered pending additional information. | ||||
| CVE-2006-3772 | 1 Php-post | 1 Php-post | 2026-04-16 | N/A |
| PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie. | ||||
| CVE-2005-4009 | 1 Php Lite | 1 Calendar Express | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid and (2) catid parameters to (a) day.php, (b) week.php, (c) month.php, and (d) year.php. | ||||
| CVE-2004-0111 | 3 Gnome, Redhat, Sgi | 6 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 3 more | 2026-04-16 | N/A |
| gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | ||||
| CVE-2005-4033 | 1 Ali Bousahid | 1 Nodezilla | 2026-04-16 | N/A |
| Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-4036 | 1 Web4future | 1 Keyword Frequency Counter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL." | ||||
| CVE-2006-3836 | 1 Unidomedia | 1 Chameleon Le | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO, allows remote attackers to read arbitrary files via the rmid parameter. | ||||
| CVE-2004-0127 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and earlier allows remote attackers to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter. | ||||
| CVE-2005-4043 | 1 Hobosworld | 1 Hobsr | 2026-04-16 | N/A |
| SQL injection vulnerability in view.php in Hobosworld HobSR 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) arrange and (2) p parameters. | ||||
| CVE-2005-4054 | 1 Pluggedout | 1 Pluggedout Blog | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter. | ||||
| CVE-2005-4084 | 1 Phpbb Styles | 1 Phpbb Extreme Styles | 2026-04-16 | N/A |
| xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier allows remote attackers to obtain the installation path of the application via an invalid viewbackup parameter. | ||||
| CVE-2005-4088 | 1 W2b | 1 Phpforumpro | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | ||||
| CVE-2005-4194 | 1 Innovateware | 1 Sights N Sounds Streaming Media Server | 2026-04-16 | N/A |
| Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string. | ||||
| CVE-2006-3930 | 1 Mamboxchange | 1 A6mambohelpdesk | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2005-4126 | 1 Realnetworks | 1 Realplayer | 2026-04-16 | N/A |
| ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPlayer allows attackers to execute arbitrary code. NOTE: the information regarding this issue is extremely vague and does not provide any verifiable information. It has been posted by a reliable reporter with a prerelease disclosure policy. This item has only been assigned a CVE identifier for tracking purposes, and to serve as a concrete example for discussion of the newly emerging UNVERIFIABLE and PRERELEASE content decisions in CVE, which must be discussed by the Editorial Board. Without additional details or independent verification by reliable sources, it is possible that this item might be RECAST or REJECTED. | ||||
| CVE-1999-0014 | 3 Cde, Hp, Ibm | 4 Cde, Hp-ux, Vvos and 1 more | 2026-04-16 | N/A |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. | ||||
| CVE-2001-0202 | 1 Informs | 1 Picserver | 2026-04-16 | N/A |
| Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request. | ||||