| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/portal_plugins/, (3) cache/skin_cache/cacheid_2/, (4) ips_kernel/PEAR/, (5) ips_kernel/PEAR/Text/, (6) ips_kernel/PEAR/Text/Diff/, (7) ips_kernel/PEAR/Text/Diff/Renderer/, (8) style_images/1/folder_rte_files/, (9) style_images/1/folder_js_skin/, (10) style_images/1/folder_rte_images/, and (11) upgrade/ and its subdirectories. |
| SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan allows remote attackers to execute arbitrary SQL commands via the pass parameter. |
| The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection. |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. |
| McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack. |
| Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. |
| Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. |
| Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to comersus_optAffiliateRegistrationExec.asp or (2) idProduct parameter to comersus_optReviewReadExec.asp. |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. |
| Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service. |
| The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code. |
| The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks. |
| PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for "http" and "https" URLs. |
| Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter. |
| Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005-2336. |
| Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option. |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. |
| attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter. |
