| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. |
| SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. |
| The DG/UX finger daemon allows remote command execution through shell metacharacters. |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters. |
| Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. |
| IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. |
| Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. |
| Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. |
| Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. |
| The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability. |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. |
| In older versions of Sendmail, an attacker could use a pipe character to execute root commands. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
| NFS cache poisoning. |
| WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail. |
| NFS allows users to use a "cd .." command to access other directories besides the exported file system. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. |
| Denial of service in syslog by sending it a large number of superfluous messages. |
| FormMail CGI program allows remote execution of commands. |
