| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. |
| Almond Classifieds does not properly verify the password, which allows attackers to bypass access restrictions. |
| Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact and attack vectors, related to "ldapdiff.conf path construction". |
| Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions." |
| Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php. |
| PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter. |
| Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter. |
| Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker. |
| Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. |
| Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. |
| SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field. |
| Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. |
| Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. |
| SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrary SQL commands via the pollid parameter. |
| Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message. |
| PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter. |
| HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote attackers to inject arbitrary HTML headers via adclick.php and possibly other unspecified vectors. |
| phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path. |
| SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php. |
| Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab. |
