| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code. |
| Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. |
| Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password. |
| Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients. |
| Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument. |
| Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110. |
| File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in the "File Transfer Anywhere" registry key, which allows local users to gain privileges. |
| Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL. |
| Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote attackers to list and read contents of arbitrary drives, related to "the PHP vulnerability." |
| load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP. |
| SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. |
| SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field. |
| Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter. |
| ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the search field to download.php. |
| The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument. |
| fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. |
| Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection. |
| Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. |
