ReportizFlow
Filtered by vendor
Subscriptions
Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0235 | 1 White Angle | 1 White Album | 2026-04-16 | N/A |
| SQL injection vulnerability in WhiteAlbum 2.5 allows remote attackers to execute arbitrary SQL commands via the dir parameter to pictures.php. | ||||
| CVE-2006-0251 | 1 Faq-o-matic | 1 Faq-o-matic | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic 2.711 allows remote attackers to inject arbitrary web script or HTML via the (1) _duration, (2) file, and (3) cmd parameters. | ||||
| CVE-2006-1976 | 1 Geekforgod.net | 1 Prayer Request Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer Request Board (PRB) Beta 1 before 20060320 allows remote attackers to inject arbitrary web script or HTML via the Request field. | ||||
| CVE-2005-1505 | 1 Apple | 1 Mail | 2026-04-16 | N/A |
| The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext. | ||||
| CVE-2005-1506 | 1 Cj | 1 Ultra Plus | 2026-04-16 | N/A |
| SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. | ||||
| CVE-2006-1998 | 1 Openttd | 1 Openttd | 2026-04-16 | N/A |
| OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error. | ||||
| CVE-2005-0239 | 1 Squirrelmail | 1 S Mime Plugin | 2026-04-16 | N/A |
| viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the cert parameter. | ||||
| CVE-2006-0327 | 1 Typo3 | 1 Typo3 | 2026-04-16 | N/A |
| TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails. | ||||
| CVE-2006-2035 | 1 Websense | 1 Websense | 2026-04-16 | N/A |
| Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. | ||||
| CVE-2005-0158 | 1 Bidwatcher | 1 Bidwatcher | 2026-04-16 | N/A |
| Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses. | ||||
| CVE-2006-0573 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodelpop.html; (2) showtree parameter to (c) diskusage.html; or the (3) mon, (4) year, (5) target, or (6) domain parameter to (d) stats/detailbw.html. | ||||
| CVE-2005-0162 | 2 Openswan, Xelerance | 2 Openswan, Openswan | 2026-04-16 | N/A |
| Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. | ||||
| CVE-2004-0736 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message. | ||||
| CVE-2004-0752 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2026-04-16 | N/A |
| OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users. | ||||
| CVE-2006-0767 | 1 Nathan Neulinger | 1 Cgiwrap | 2026-04-16 | N/A |
| CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in scripts that reveal system information. | ||||
| CVE-2006-0777 | 1 Teca Scripts | 1 Guestex | 2026-04-16 | N/A |
| Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters. | ||||
| CVE-2002-1610 | 1 Hp | 2 Hp-ux, Tru64 | 2026-04-16 | N/A |
| Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service. | ||||
| CVE-2004-2430 | 1 Trend Micro | 1 Officescan | 2026-04-16 | N/A |
| Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. | ||||
| CVE-2004-2446 | 1 1st Class Internet Solutions | 1 1st Class Mail Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. | ||||
| CVE-2006-0821 | 1 Bxcp | 1 Bxcp | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in BXCP 0.299 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | ||||