Total
3192 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1500 | 1 Cpcommerce | 1 Cpcommerce | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter. | |||||
CVE-1999-0491 | 1 Gnu | 1 Bash | 2023-12-10 | 4.6 MEDIUM | N/A |
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. | |||||
CVE-1999-0702 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 10.0 HIGH | N/A |
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability. | |||||
CVE-2004-0637 | 1 Oracle | 2 Oracle8i, Oracle9i | 2023-12-10 | 6.5 MEDIUM | N/A |
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible. | |||||
CVE-2002-2319 | 1 Mysimplenews | 1 Mysimplenews | 2023-12-10 | 7.5 HIGH | N/A |
Static code injection vulnerability in users.php in MySimpleNews allows remote attackers to inject arbitrary PHP code and HTML via the (1) LOGIN, (2) DATA, and (3) MESS parameters, which are inserted into news.php3. | |||||
CVE-2004-1419 | 1 Zeroboard | 1 Zeroboard | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parameter to write.php to reference a URL on a remote web server that contains the code. | |||||
CVE-2003-1411 | 1 Isoca | 1 Cedric Email Reader | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter. | |||||
CVE-1999-0509 | 2023-12-10 | 10.0 HIGH | N/A | ||
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2003-1432 | 1 Epic Games | 2 Unreal Engine, Unreal Tournament 2003 | 2023-12-10 | 10.0 HIGH | N/A |
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file. | |||||
CVE-2003-1227 | 1 Gallery Project | 1 Gallery | 2023-12-10 | 7.5 HIGH | N/A |
PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue might be exploitable only during installation, or if the administrator has not run a security script after installation. | |||||
CVE-2003-1436 | 1 Crossnuke | 1 Nukebrowser | 2023-12-10 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows remote attackers to execute arbitrary PHP code via the filhead parameter. | |||||
CVE-2004-1166 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 7.5 HIGH | N/A |
CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. |