Max CVSS 10.0 Min CVSS 1.2 Total Count5054
IDCVSSSummaryLast (major) updatePublished
CVE-2006-3561 5.0
BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfi
28-04-2017 - 21:59 12-07-2006 - 21:05
CVE-2008-4049 6.8
A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary programs via arguments to the RunApp method.
19-02-2017 - 00:23 11-09-2008 - 17:06
CVE-2008-4048 6.8
Heap-based buffer overflow in a certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary code via a long third argument to the CreateURLShortcut method.
19-02-2017 - 00:23 11-09-2008 - 17:06
CVE-2008-3307 7.5
SQL injection vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3306.
19-02-2017 - 00:23 25-07-2008 - 12:41
CVE-2008-1855 5.0
FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework servic
19-02-2017 - 00:22 16-04-2008 - 15:05
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
19-02-2017 - 00:21 08-07-2008 - 19:41
CVE-2008-1309 9.3
The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1
19-02-2017 - 00:21 12-03-2008 - 13:44
CVE-2006-6917 10.0
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not prop
19-02-2017 - 00:15 31-12-2006 - 00:00
CVE-2006-5112 7.5
Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET request.
19-02-2017 - 00:14 03-10-2006 - 00:03
CVE-2006-3493 5.1
Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via
19-02-2017 - 00:13 10-07-2006 - 18:05
CVE-2006-2998 7.5
PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter.
19-02-2017 - 00:12 12-06-2006 - 21:02
CVE-2006-2802 5.0
Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
19-02-2017 - 00:12 03-06-2006 - 06:02
CVE-2006-0565 7.5
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.
19-02-2017 - 00:11 06-02-2006 - 18:02
CVE-2005-1589 7.2
The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space
19-02-2017 - 00:08 17-05-2005 - 00:00
CVE-2004-1333 2.1
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
19-02-2017 - 00:06 15-12-2004 - 00:00
CVE-2000-1220 10.0
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a con
15-02-2017 - 21:59 08-01-2000 - 00:00
CVE-2005-1649 5.0
The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source add
19-01-2017 - 21:59 18-05-2005 - 00:00
CVE-2000-0844 10.0
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
19-01-2017 - 21:59 14-11-2000 - 00:00
CVE-2006-1255 10.0
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT comm
19-12-2016 - 21:59 18-03-2006 - 20:02
CVE-2004-1315 7.5
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special
19-12-2016 - 21:59 12-11-2004 - 00:00
CVE-2000-0305 7.8
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerabili
08-12-2016 - 13:54 19-05-2000 - 00:00
CVE-2008-6740 6.8
PHP remote file inclusion vulnerability in html/admin/modules/plugin_admin.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the _settings[pluginpath] parameter.
07-12-2016 - 22:01 21-04-2009 - 14:30
CVE-2008-5191 7.5
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
07-12-2016 - 22:01 21-11-2008 - 12:30
CVE-2006-3952 7.5
Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers to execute arbitrary code via a long argument to the PASS command. NOTE: the provenance of this information is unknown; the details are obtained fro
07-12-2016 - 22:00 01-08-2006 - 17:04
CVE-2004-1016 2.1
The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a de
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-0990 10.0
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0409 7.5
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
07-12-2016 - 21:59 01-06-2004 - 00:00
CVE-2006-3172 7.5
Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (
06-12-2016 - 21:59 22-06-2006 - 20:02
CVE-2004-1120 10.0
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
06-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
06-12-2016 - 21:59 17-01-2003 - 00:00
CVE-2006-5613 7.5
PHP remote file inclusion in Core/core.inc.php in MP3 Streaming DownSampler (mp3SDS) 3.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the fullpath parameter
05-12-2016 - 21:59 30-10-2006 - 20:07
CVE-2006-3928 7.5
PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_datapath parameter.
05-12-2016 - 21:59 31-07-2006 - 17:04
CVE-2006-5055 7.5
PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 through 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the init_path parameter.
28-11-2016 - 14:06 27-09-2006 - 20:07
CVE-2006-4885 7.5
PHP remote file inclusion vulnerability in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) footer.php and (2) header.php. NOTE: the provenance of this information is unkn
28-11-2016 - 14:06 19-09-2006 - 17:07
CVE-2006-4714 5.1
PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_pat
28-11-2016 - 14:06 12-09-2006 - 12:07
CVE-2006-0206 7.5
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
28-11-2016 - 14:06 13-01-2006 - 18:03
CVE-2004-0548 7.2
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or
28-11-2016 - 14:06 06-08-2004 - 00:00
CVE-2000-1028 7.2
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
28-11-2016 - 14:06 11-12-2000 - 00:00
CVE-1999-1185 7.2
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
28-11-2016 - 14:06 06-10-1998 - 00:00
CVE-2005-1787 7.5
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
25-11-2016 - 13:27 27-05-2005 - 00:00
CVE-2007-0683 7.5
PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
21-11-2016 - 09:17 02-02-2007 - 20:28
CVE-2007-0887 7.8
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
21-11-2016 - 09:07 12-02-2007 - 18:28
CVE-2007-0886 10.0
Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an int
21-11-2016 - 09:04 12-02-2007 - 18:28
CVE-2006-2065 7.5
SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserti
18-11-2016 - 22:00 27-04-2006 - 09:34
CVE-2006-1252 7.5
Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote attackers to execute arbitrary PHP code via the date parameter to index.php.
18-11-2016 - 22:00 18-03-2006 - 20:02
CVE-2006-5851 2.1
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328.
18-11-2016 - 12:11 09-11-2006 - 21:07
CVE-2008-1087 9.3
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflo
08-11-2016 - 13:13 08-04-2008 - 19:05
CVE-2008-3008 9.3
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Me
08-11-2016 - 13:02 10-09-2008 - 21:11
CVE-2008-1083 9.3
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a mal
08-11-2016 - 11:27 08-04-2008 - 19:05
CVE-2007-5461 3.5
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write reque
24-10-2016 - 14:30 15-10-2007 - 14:17
CVE-2007-1561 7.8
The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.
17-10-2016 - 23:43 21-03-2007 - 15:19
CVE-2007-0085 6.0
Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecif
17-10-2016 - 23:42 05-01-2007 - 06:28
CVE-2006-6552 7.5
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
17-10-2016 - 23:42 14-12-2006 - 13:28
CVE-2006-5893 7.5
Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
17-10-2016 - 23:41 14-11-2006 - 17:07
CVE-2006-5852 4.6
Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors t
17-10-2016 - 23:41 09-11-2006 - 21:07
CVE-2006-5826 5.8
Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain "/" (slash) or "\" (backslash) ch
17-10-2016 - 23:41 09-11-2006 - 20:07
CVE-2006-5768 7.5
Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (
17-10-2016 - 23:41 06-11-2006 - 18:07
CVE-2006-5471 7.5
PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) cfg_dir and (2) lib_dir parameters.
17-10-2016 - 23:41 24-10-2006 - 16:07
CVE-2006-5402 7.5
Multiple PHP remote file inclusion vulnerabilities in PHPmybibli 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) class_path, (2) javascript_path, and (3) include_path parameters in (a) cart.php; the (4) cla
17-10-2016 - 23:41 18-10-2006 - 19:07
CVE-2006-5301 6.8
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
17-10-2016 - 23:41 17-10-2006 - 11:07
CVE-2006-5259 7.5
PHP remote file inclusion vulnerability in param_editor.php in Compteur 2 allows remote attackers to execute arbitrary PHP code via a URL in the folder parameter.
17-10-2016 - 23:41 12-10-2006 - 18:07
CVE-2006-4924 7.8
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
17-10-2016 - 23:41 26-09-2006 - 21:07
CVE-2006-4922 5.0
Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions.
17-10-2016 - 23:41 20-09-2006 - 21:07
CVE-2006-4921 7.5
PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/include.php. NOTE: some of these details are obtained f
17-10-2016 - 23:41 20-09-2006 - 21:07
CVE-2006-4920 7.5
Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to (1) starnet/modules/sn_allbum/slideshow.php, and (2) starnet/themes/e
17-10-2016 - 23:41 20-09-2006 - 21:07
CVE-2006-4455 5.0
** DISPUTED ** Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG command. NOTE: the vendor has disputed this vulnerability, stating that i
17-10-2016 - 23:40 30-08-2006 - 12:04
CVE-2006-4369 2.6
Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.
17-10-2016 - 23:40 26-08-2006 - 17:04
CVE-2006-4368 7.5
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
17-10-2016 - 23:40 26-08-2006 - 17:04
CVE-2006-4365 7.5
Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) includes/functions_portal.p
17-10-2016 - 23:40 26-08-2006 - 17:04
CVE-2006-3683 7.5
PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
17-10-2016 - 23:40 21-07-2006 - 10:03
CVE-2006-3528 6.8
Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.
17-10-2016 - 23:40 11-07-2006 - 20:05
CVE-2006-3086 9.3
Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as
17-10-2016 - 23:40 19-06-2006 - 15:02
CVE-2006-2656 7.5
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is c
17-10-2016 - 23:39 30-05-2006 - 14:02
CVE-2006-2407 7.5
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange
17-10-2016 - 23:39 16-05-2006 - 06:02
CVE-2006-2369 7.5
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is ac
17-10-2016 - 23:39 15-05-2006 - 12:06
CVE-2006-2180 6.4
Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer
17-10-2016 - 23:39 04-05-2006 - 08:38
CVE-2006-0961 7.5
SQL injection vulnerability in yazdir.asp in Cilem Hiber 1.1 allows remote attackers to execute arbitrary SQL commands via the haber_id parameter. NOTE: this product has also been referred to as "Cilem News," although that does not appear to be the
17-10-2016 - 23:39 02-03-2006 - 18:02
CVE-2006-0671 7.8
Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (
17-10-2016 - 23:39 13-02-2006 - 17:02
CVE-2006-0319 5.0
Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands.
17-10-2016 - 23:38 18-01-2006 - 20:03
CVE-2005-4402 6.5
Buffer overflow in MailEnable Professional 1.71 and earlier, and Enterprise 1.1 and earlier, allows remote authenticated users to execute arbitrary code via a long IMAP EXAMINE command.
17-10-2016 - 23:38 20-12-2005 - 06:03
CVE-2005-3792 7.5
Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type.
17-10-2016 - 23:37 24-11-2005 - 06:03
CVE-2005-3684 7.5
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.
17-10-2016 - 23:36 18-11-2005 - 20:03
CVE-2005-3683 7.5
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
17-10-2016 - 23:36 18-11-2005 - 20:03
CVE-2005-3682 7.5
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
17-10-2016 - 23:36 18-11-2005 - 18:03
CVE-2005-3681 7.5
SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers to execute arbitrary SQL commands via the list parameter.
17-10-2016 - 23:36 18-11-2005 - 18:03
CVE-2005-3649 2.6
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter.
17-10-2016 - 23:36 17-11-2005 - 06:02
CVE-2005-3591 7.5
Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineF
17-10-2016 - 23:36 16-11-2005 - 02:42
CVE-2005-3589 7.8
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp comman