| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the Seitenname parameter. |
| Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter. |
| PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. |
| Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite. |
| Buffer overflow in the daemon function in midirecord.cc in Tuomas Airaksinen Midirecord 2.0 allows local users to execute arbitrary code via a long command line argument (filename). NOTE: This may not be a vulnerability if Midirecord is not installed setuid. |
| SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable. |
| TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name. |
| Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote attackers to cause a denial of service (hang) via (1) a long cd command to the FTP server, or (2) a long dir command to the telnet server. |
| PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. |
| AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary files via a symlink attack on /tmp/AS.log. |
| Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers to execute arbitrary code via a long argument to the PASS command. NOTE: the provenance of this information is unknown; the details are obtained from third party information. |
| Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document. |
| Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long GET request on port 1080. |
| Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. |
| PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. |
| PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. |
| PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie. |
| SQL injection vulnerability in the News module in Envolution allows remote attackers to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter. |
| Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote attackers to execute script on other clients via the ?option parameter. |
| Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php. |
