Total
29737 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1023 | 1 Working Resources Inc. | 1 Badblue | 2025-04-03 | N/A |
| BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI. | ||||
| CVE-2006-2348 | 1 Oasyssoft | 1 E-business Designer | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2002-1046 | 1 Watchguard | 2 Firebox, Soho Firewall | 2025-04-03 | N/A |
| Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. | ||||
| CVE-2002-1083 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences. | ||||
| CVE-2002-1089 | 1 Oracle | 2 Application Server, Reports | 2025-04-03 | N/A |
| rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks. | ||||
| CVE-2004-1869 | 1 Nival Interactive | 2 Etherlords, Etherlords Ii | 2025-04-03 | N/A |
| Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a denial of service (crash) by sending a packet that specifies the size for the next packet, then sending a larger packet than specified, which causes Etherlords to read unallocated memory. | ||||
| CVE-2005-3230 | 1 Panda | 1 Activescan | 2025-04-03 | N/A |
| Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | ||||
| CVE-2005-3236 | 1 Cynox | 1 Cyphor | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQL and obtain administrative access via (1) the fid parameter of newmsg.php, which can enable XSS attacks when the SQL syntax is invalid or (2) the nick parameter of lostpwd.php. | ||||
| CVE-2004-1882 | 1 Cactusoft | 1 Cactushop | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter. | ||||
| CVE-2004-1888 | 1 Aborior | 1 Encore Web Forum | 2025-04-03 | N/A |
| display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable. | ||||
| CVE-2006-0918 | 1 Ritlabs | 1 The Bat | 2025-04-03 | N/A |
| Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field. | ||||
| CVE-2006-3795 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php. | ||||
| CVE-2004-1912 | 2 Francisco Burzi, Shiba-design | 2 Php-nuke, Nukecalendar | 2025-04-03 | N/A |
| The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote attackers to obtain sensitive information via a URL with an invalid argument, which reveals the full path in an error message. | ||||
| CVE-2004-1937 | 1 Nuked-klan | 1 Nuked-klan | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to read or include arbitrary files via .. sequences in (1) the user_langue parameter to index.php or (2) the langue parameter to update.php, or modify arbitrary GLOBAL variables by causing globals.php to be loaded before conf.inc.php via (3) .. sequences in the file parameter with the page parameter set to globals, or (4) ../globals.php in the user_langue parameter, as demonstrated by modifying $nuked[prefix] in the Suggest module. | ||||
| CVE-2006-2550 | 1 Perlpodder | 1 Perlpodder | 2025-04-03 | N/A |
| perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548. | ||||
| CVE-2004-1949 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | N/A |
| SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module. | ||||
| CVE-2006-3845 | 1 Rarlab | 1 Winrar | 2025-04-03 | N/A |
| Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive. | ||||
| CVE-2006-3909 | 1 Wired Community Software | 1 Wwwthreads | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote attackers to inject arbitrary web script or HTML via the week parameter. | ||||
| CVE-2004-1966 | 1 Openbb | 1 Openbb | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php. | ||||
| CVE-2006-0923 | 1 Myphpnuke | 1 Myphpnuke | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyPHPNuke (MPN) 1.88 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the letter parameter in reviews.php and (2) the dcategory parameter in download.php. | ||||