Unknown · CVSS Not scored
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
Published Oct 29, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module.
Published Oct 31, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote attackers to determine if a directory exists via a .. (dot dot) in the GET request, which returns different error messages depending on whether the directory exists or not.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP query string.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
portmapper in Compaq Tru64 4.0G and 5.0A allows remote attackers to cause a denial of service via a flood of packets.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords.
Published Oct 26, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to pm.php.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0.
Published Nov 1, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in viewAttachment.cgi in W3Mail 1.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Published Nov 1, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a profile2 action to index.php.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.
Published Oct 26, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The installation of OpenOffice 1.0.1 allows local users to overwrite files and possibly gain privileges via a symlink attack on the USERNAME_autoresponse.conf temporary file.
Published Apr 4, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to obtain the MD5 hash of the Admin password, MD5 hash of the physical password, and other registration information.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character.
Published Nov 1, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage.
Published Oct 26, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error message if the parent is incorrect, but a normal response if the parent is correct.
Published Aug 5, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server.
Published Feb 6, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
Published Aug 5, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225.
Published Jun 21, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges.
Published Oct 29, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
Published Oct 26, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by performing a SYN scan using a tool such as nmap.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to vider.php3.
Published Oct 26, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers.
Published Oct 26, 2007 · Updated Sep 16, 2024