| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges. |
| Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. |
| Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. |
| SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter. |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). |
| SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter. |
| SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. |
| Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter. |
| PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to execute arbitrary PHP code via the p parameter. |
| Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
| Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. |
| Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. |
| Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort). |
| Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors. |
| Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference. |
| Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. |
| Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data. |
| SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. |
| ArticleLive 2005 allows remote attackers to gain privileges by modifying the (1) auth and (2) userId fields in a cookie. |
