| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL. |
| The rstat/rstatd service is running. |
| The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. |
| Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot) and encoded / (%2f) sequence in the URL. |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Transition property on an uninitialized DXImageTransform.Microsoft.RevealTrans.1 ActiveX Object, which triggers a null dereference. |
| The rpc.rquotad service is running. |
| Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. |
| Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. |
| Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library. |
| A version of rusers is running that exposes valid user information to any entity on the network. |
| Cross-site scripting (XSS) vulnerability in index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to inject arbitrary web script or HTML via the page_name parameter with an IMG tag containing a javascript URI in the SRC attribute. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| The ident/identd service is running. |
| index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified page_name parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this issue is not an exposure. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| The NT Alerter and Messenger services are running. |
| The RPC portmapper service is running. |
| The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| The echo service is running. |
