Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-1354 1 Typsoft 1 Typsoft Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the contents of arbitrary directories via a ... (dot dot dot) in the cd/CWD command.
CVE-2006-4744 1 Abidia 2 Abidia Wireless, O-anywhere 2026-04-16 N/A
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing.
CVE-2003-0228 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location.
CVE-2005-2323 2 Class-1, Clever Copy 2 Class-1 Forum, Clever Copy 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or the (3) id or (4) forum parameter to viewforum.php.
CVE-2005-2327 1 E107 1 E107 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.
CVE-2005-4072 1 Cfmagic 1 Magic Forum Personal 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in search_forums.cfm, as used in the "Search For:" field.
CVE-2004-1754 1 Symantec 2 Enterprise Firewall, Gateway Security 2026-04-16 N/A
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
CVE-2004-1836 1 Invision Power Services 1 Invision Power Top Site List 2026-04-16 N/A
SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.
CVE-2005-1816 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen.
CVE-2003-0245 2 Apache, Redhat 2 Http Server, Linux 2026-04-16 N/A
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.
CVE-2006-1413 1 Htmljunction 1 Ezhomepagepro 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) adid or (2) aname parameter in (a) common/email.asp, (b) users/users_search.asp, or (c) users/users_profiles.asp; (3) page parameter in (d) users/users_calendar.asp; (4) usid parameter in (e) users/users_mgallery.asp; or (5) m parameter in (f) users/users_search.asp.
CVE-2003-0247 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
CVE-2003-0248 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
CVE-2003-0251 2 Nis, Redhat 3 Ypserv Nis Server, Enterprise Linux, Linux 2026-04-16 N/A
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
CVE-2005-2449 1 Sandbox 1 Sandbox 2026-04-16 N/A
Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp.
CVE-2005-4087 1 Sugarcrm 1 Sugar Suite 2026-04-16 N/A
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.
CVE-2005-2451 1 Cisco 2 Ios, Ios Xr 2026-04-16 N/A
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.
CVE-2005-4088 1 W2b 1 Phpforumpro 2026-04-16 N/A
SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters.
CVE-1999-0757 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
CVE-2005-1924 1 Squirrelmail 1 Gpg Plugin 2026-04-16 N/A
The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636.