Total
247505 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0521 | 1 Michael Lamont | 1 Savant Webserver | 2023-12-10 | 5.0 MEDIUM | N/A |
Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number. | |||||
CVE-2001-1524 | 1 Francisco Burzi | 1 Php-nuke | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php. | |||||
CVE-2000-0605 | 1 Blackboard | 1 Courseinfo | 2023-12-10 | 2.1 LOW | N/A |
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords. | |||||
CVE-1999-1583 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument. | |||||
CVE-1999-0509 | 2023-12-10 | 10.0 HIGH | N/A | ||
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-0458 | 1 Imp | 1 Imp | 2023-12-10 | 2.1 LOW | N/A |
The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. | |||||
CVE-1999-1368 | 1 Broadcom | 1 Inoculateit | 2023-12-10 | 7.5 HIGH | N/A |
AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox. | |||||
CVE-2000-1112 | 1 Microsoft | 1 Windows Media Player | 2023-12-10 | 4.6 MEDIUM | N/A |
Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability. | |||||
CVE-2002-1714 | 1 Microsoft | 2 Ie, Internet Explorer | 2023-12-10 | 5.0 MEDIUM | N/A |
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion. | |||||
CVE-2003-0484 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. | |||||
CVE-2004-1827 | 2 Simple Machines, Yabb | 2 Simple Machines Smf, Yabb | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags. | |||||
CVE-2002-0104 | 1 Aftpd | 1 Aftpd | 2023-12-10 | 5.0 MEDIUM | N/A |
AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump. | |||||
CVE-2004-0059 | 1 Lionmax Software | 1 Www File Share Pro | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header. | |||||
CVE-2001-0729 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. | |||||
CVE-2002-0720 | 1 Microsoft | 2 Windows 2000, Windows 2000 Terminal Services | 2023-12-10 | 7.2 HIGH | N/A |
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code. | |||||
CVE-2003-1413 | 1 Apple | 2 Darwin Streaming Server, Quicktime Streaming Server | 2023-12-10 | 4.3 MEDIUM | N/A |
parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | |||||
CVE-2001-0022 | 1 Leif M. Wright | 1 Simplestguest.cgi | 2023-12-10 | 10.0 HIGH | N/A |
simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter. | |||||
CVE-2002-1528 | 1 Mondosoft | 1 Mondosearch | 2023-12-10 | 5.0 MEDIUM | N/A |
MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter. | |||||
CVE-1999-0791 | 1 Hybrid Network | 2 Cable Modem, Hsmp | 2023-12-10 | 10.0 HIGH | N/A |
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol. | |||||
CVE-2002-1941 | 1 Radiobird Software | 1 Web Server 4 Everyone | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request with the Host header set. |