Total
265928 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0336 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request. | |||||
CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2024-02-28 | 7.5 HIGH | N/A |
NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
CVE-2002-1008 | 1 Summit Computer Networks | 1 Lil Http Server | 2024-02-28 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request. | |||||
CVE-2002-1842 | 1 Perlbot | 1 Perlbot | 2024-02-28 | 7.5 HIGH | N/A |
Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (1) a word that is being spell checked or (2) an e-mail address. | |||||
CVE-2001-0315 | 1 Khaled Mardam-bey | 1 Mirc | 2024-02-28 | 7.5 HIGH | N/A |
The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key. | |||||
CVE-2003-0879 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0518. Reason: This candidate is a reservation duplicate of CVE-2003-0518. Notes: All CVE users should reference CVE-2003-0518 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2004-1556 | 1 Mywebserver | 1 Mywebserver | 2024-02-28 | 5.0 MEDIUM | N/A |
MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time. | |||||
CVE-2001-1083 | 1 Icecast | 1 Icecast | 2024-02-28 | 5.0 MEDIUM | N/A |
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). | |||||
CVE-2001-0744 | 1 Horde | 1 Imp | 2024-02-28 | 2.1 LOW | N/A |
Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file. | |||||
CVE-2002-1750 | 1 Cgiscript | 1 Csguestbook | 2024-02-28 | 7.5 HIGH | N/A |
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | |||||
CVE-2004-1553 | 1 Fullrevolution | 1 Aspwebalbum | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. | |||||
CVE-2003-1421 | 1 Suckbot | 1 Suckbot | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors. | |||||
CVE-2001-1299 | 1 Zorbat | 1 Zorbstats | 2024-02-28 | 5.0 MEDIUM | N/A |
Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
CVE-2002-0776 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-28 | 7.5 HIGH | N/A |
getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix. | |||||
CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2024-02-28 | 10.0 HIGH | N/A |
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | |||||
CVE-2004-1539 | 1 Gearbox Software | 1 Halo Combat Evolved | 2024-02-28 | 5.0 MEDIUM | N/A |
Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. | |||||
CVE-2002-0001 | 1 Mutt | 1 Mutt | 2024-02-28 | 7.5 HIGH | N/A |
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list. | |||||
CVE-2003-1248 | 1 Positive Software | 1 H-sphere | 2024-02-28 | 7.5 HIGH | N/A |
H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | |||||
CVE-1999-0802 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 7.6 HIGH | N/A |
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon. | |||||
CVE-2002-0285 | 1 Microsoft | 1 Outlook Express | 2024-02-28 | 7.5 HIGH | N/A |
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. |