Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0349 | 1 Tiny Software | 1 Tiny Personal Firewall | 2025-04-03 | N/A |
| Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions. | ||||
| CVE-2005-1578 | 1 Guidance Software | 1 Encase | 2025-04-03 | N/A |
| EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection. | ||||
| CVE-2005-1581 | 1 Eric Fichot | 1 Bug Report | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php. | ||||
| CVE-2006-0154 | 1 427bb | 1 Fourtwosevenbb | 2025-04-03 | N/A |
| SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter. | ||||
| CVE-2005-1592 | 1 Birdblog | 1 Birdblog | 2025-04-03 | N/A |
| Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. | ||||
| CVE-2005-1593 | 1 Codethat | 1 Shoppingcart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2005-1596 | 1 Fusion | 1 Sbx | 2025-04-03 | N/A |
| index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. | ||||
| CVE-2005-1602 | 1 Net56 | 1 File Manager | 2025-04-03 | N/A |
| SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field. | ||||
| CVE-2006-0172 | 1 Hummingbird | 1 Enterprise Collaboration | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the file manager utility in Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML in an uploaded page, which is published without a check for hostile scripting. | ||||
| CVE-2005-1605 | 1 Positive Software | 1 Sitestudio | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers to inject arbitrary web script or HTML via the name field to (1) psoft.guestbook.GuestBookServ in Standalone Site Studio or (2) E-Guest_sign.pl in Integrated Site Studio with H-Sphere. | ||||
| CVE-2005-1615 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-03 | N/A |
| viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability. | ||||
| CVE-2002-0558 | 1 Typsoft | 1 Typsoft Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in TYPSoft FTP server 0.97.1 and earlier allows a remote authenticated user (possibly anonymous) to list arbitrary directories via a .. in a LIST (ls) command ending in wildcard *.* characters. | ||||
| CVE-2002-1318 | 4 Hp, Redhat, Samba and 1 more | 4 Cifs-9000 Server, Linux, Samba and 1 more | 2025-04-03 | N/A |
| Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | ||||
| CVE-2005-1616 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-03 | N/A |
| viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid (1) id or possibly (2) postorder parameter, which reveals the path in an error message when a file can not be opened. | ||||
| CVE-2006-1375 | 1 Brain Book Software | 1 Adman | 2025-04-03 | N/A |
| AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php. | ||||
| CVE-2005-1633 | 1 Jgs-xa | 1 Jgs-portal | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) anzahl_beitraege parameter to jgs_portal.php, 2) year parameter to (jgs_portal_statistik.php, 3) year parameter to (jgs_portal_beitraggraf.php, 4) tag parameter to (jgs_portal_viewsgraf.php, 5) year parameter to (jgs_portal_themengraf.php, 6) year parameter to (jgs_portal_mitgraf.php, 7) id parameter to jgs_portal_sponsor.php, or (8) the Accept-Language header to jgs_portal_log.php. | ||||
| CVE-2005-1634 | 1 Jgs-xa | 1 Jgs-portal | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) anzahl_beitraege parameter to jgs_portal.php, (2) year parameter to jgs_portal_statistik.php, (3) year parameter to jgs_portal_beitraggraf.php, (4) tag parameter to jgs_portal_viewsgraf.php, (5) year parameter to jgs_portal_themengraf.php, (6) year parameter to jgs_portal_mitgraf.php, (7) id parameter to jgs_portal_sponsor.php, or (8) the Accept-Language header to jgs_portal_log.php. NOTE: this issue may stem from the same core problem as CVE-2005-1633. | ||||
| CVE-2006-0176 | 1 Xmame | 1 Xmame | 2025-04-03 | N/A |
| Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a long (5) -jdev argument on Ubuntu Linux. | ||||
| CVE-2006-0180 | 1 Calogic | 1 Calogic Calendars | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the "Adding New Event" page, and possibly other vectors, involving iframe tags. | ||||
| CVE-2006-1376 | 1 Debian | 1 Debian Linux | 2025-04-03 | N/A |
| The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption). | ||||