ReportizFlow
Filtered by vendor
Subscriptions
Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1214 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions. | ||||
| CVE-2003-1212 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | ||||
| CVE-2003-1237 | 1 Matt Wright | 1 Wwwboard | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | ||||
| CVE-2003-1247 | 1 Positive Software | 1 H-sphere | 2026-04-16 | N/A |
| Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist. | ||||
| CVE-2003-1264 | 2 D-link, Longshine Technologie | 2 Di-614\+, Longshine Wireless Ethernet Access Point | 2026-04-16 | N/A |
| TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. | ||||
| CVE-2003-1315 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | ||||
| CVE-2003-1332 | 3 Linux, Redhat, Samba | 3 Linux Kernel, Enterprise Linux, Samba | 2026-04-16 | N/A |
| Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | ||||
| CVE-2004-0361 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array. | ||||
| CVE-2004-0388 | 2 Oracle, Redhat | 2 Mysql, Enterprise Linux | 2026-04-16 | N/A |
| The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2000-0262 | 1 Avm | 1 Ken | 2026-04-16 | N/A |
| The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. | ||||
| CVE-2004-0408 | 1 Michael Bacarella | 1 Ident2 | 2026-04-16 | N/A |
| Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. | ||||
| CVE-2006-0768 | 1 Kadu | 1 Kadu | 2026-04-16 | N/A |
| Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests. | ||||
| CVE-2006-0877 | 1 Easy Forum | 1 Easy Forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Easy Forum 2.5 allows remote attackers to inject arbitrary web script or HTML via the image variable. | ||||
| CVE-2002-1778 | 1 Symantec | 1 Norton Personal Firewall | 2026-04-16 | N/A |
| Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | ||||
| CVE-2006-1032 | 1 Phprpc | 1 Phprpc | 2026-04-16 | N/A |
| Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag. | ||||
| CVE-2005-1318 | 1 Horde | 1 Forwards | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | ||||
| CVE-2006-1068 | 1 Netgear | 1 Netgear Router | 2026-04-16 | N/A |
| Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | ||||
| CVE-2006-1069 | 1 Geeklog | 1 Geeklog | 2026-04-16 | N/A |
| Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors. | ||||
| CVE-2006-1087 | 1 Php-stats | 1 Php-stats | 2026-04-16 | N/A |
| Direct static code injection vulnerability in the modify_config action in admin.php for PHP-Stats 0.1.9.1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the option_new[compatibility_mode] parameter, which is not filtered before being stored in config.php. NOTE: this vulnerability can be exploited by remote unauthenticated attackers in conjunction with the option[admin_pass] authentication bypass vulnerability. | ||||
| CVE-2006-1159 | 1 Efs Software | 1 Efs Web Server | 2026-04-16 | N/A |
| Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request. | ||||