Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2595 | 1 Dada Mail | 1 Dada Mail | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. | |||||
| CVE-2003-0445 | 1 Webfs | 1 Webfs | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI. | |||||
| CVE-2003-0488 | 1 Kerio | 1 Kerio Mailserver | 2025-04-03 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. | |||||
| CVE-2005-4239 | 1 Php Jackknife | 1 Php Jackknife | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter. | |||||
| CVE-2004-2588 | 1 Xmb Software | 1 Xmb Forum | 2025-04-03 | 5.0 MEDIUM | N/A |
| Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application. | |||||
| CVE-2002-1997 | 1 Zonelabs | 1 Zonealarm | 2025-04-03 | 7.5 HIGH | N/A |
| ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. | |||||
| CVE-2000-1110 | 1 Ibm | 1 Net.data | 2025-04-03 | 5.0 MEDIUM | N/A |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. | |||||
| CVE-2002-1766 | 1 Netscape | 1 Communicator | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute. | |||||
| CVE-2002-1016 | 1 Adobe | 1 Digital Editions | 2025-04-03 | 4.6 MEDIUM | N/A |
| Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files. | |||||
| CVE-1999-0870 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 2.6 LOW | N/A |
| Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste. | |||||
| CVE-2005-0759 | 2 Imagemagick, Sgi | 2 Imagemagick, Propack | 2025-04-03 | 5.0 MEDIUM | N/A |
| ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag. | |||||
| CVE-1999-0530 | 2025-04-03 | 10.0 HIGH | N/A | ||
| A system is operating in "promiscuous" mode which allows it to perform packet sniffing. | |||||
| CVE-2006-2862 | 1 Particle Soft | 1 Particle Gallery | 2025-04-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter. | |||||
| CVE-2005-0156 | 7 Ibm, Larry Wall, Redhat and 4 more | 9 Aix, Perl, Enterprise Linux and 6 more | 2025-04-03 | 2.1 LOW | N/A |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. | |||||
| CVE-2005-0265 | 1 Owl | 1 Owl Intranet Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to execute arbitrary SQL commands via the (1) parent or (2) sortposted parameter. | |||||
| CVE-2006-3482 | 1 Phpmaillist | 1 Phpmaillist | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter. | |||||
| CVE-2001-1495 | 1 Freshmeat | 2 Network Query Tool, Network Query Tool Phpnuke | 2025-04-03 | 7.5 HIGH | N/A |
| network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter. | |||||
| CVE-2005-1147 | 1 Calendarscript | 1 Calendarscript | 2025-04-03 | 5.0 MEDIUM | N/A |
| calendar.pl in CalendarScript 3.20 allows remote attackers to obtain sensitive information via invalid (1) calendar or (2) template parameters, which leaks the full pathname and debug information. | |||||
| CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2025-04-03 | 10.0 HIGH | N/A |
| Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | |||||
| CVE-2006-2080 | 1 Verosky Media | 1 Instant Photo Gallery | 2025-04-03 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in portfolio_photo_popup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the count_click function in includes/functions/fns_std.php. NOTE: this issue could produce resultant XSS. | |||||