| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call. |
| lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. |
| Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument. |
| Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter. |
| index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive. |
| The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters. |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showcat.php or (2) product parameter to addfav.php. |
| ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions. |
| Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) ppuser parameter. |
| TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) via a GET request containing an MS-DOS device name. |
| Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls. |
| The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message. |
| Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet. |
| Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message. |
| LANChat Pro Revival 1.666c allows remote attackers to cause a denial of service (application crash) via a malformed UDP packet. |
| Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter. |
| SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter. |
| Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs. |
| eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, which returns the source code for that file. |
| Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values. |
