| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021. |
| Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. |
| Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote attack vectors. |
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. |
| Cross-site scripting (XSS) vulnerability in forum_search.asp in Intelligent Solutions Inc. ASP Discussion Forum allows remote attackers to inject arbitrary web script or HTML via the search variable. |
| PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value |
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. |
| PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the configArr[pathtodir] parameter. |
| BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. |
| Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber 4.2 allows remote attackers to inject arbitrary web script or HTML via the il parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments. |
| BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. |
| MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. |
| Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion. |
| Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Denial of service in Debian IRC Epic/epic4 client via a long string. |
| Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. |
| Mutt mail client allows a remote attacker to execute commands via shell metacharacters. |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
