| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which bypasses intended protections against such attacks. |
| Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to (1) include/sub.php, (2) include/confirm.php, or (3) include/unconfirm.php. |
| Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page." |
| Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732. |
| Multiple access validation errors in OutStart Participate Enterprise (PE) allow remote attackers to (1) browse arbitrary directory trees by modifying the rootFolder parameter to displaynavigator.jsp, (2) rename arbitrary directory objects by modifying the selectedObject parameter to renamepopup.jsp, (3) delete arbitrary directory objects by modifying the selectedObjectsCSV parameter to displaydeletenavigator.jsp, and conduct other unauthorized activities via the (4) showDeleteView, (5) showWebFolderView, (6) showLibraryView, (7) showMyLibraryView, (8) singleSelectObject, (9) processRadioSelection, (10) processCheckboxSelection, (11) singleSelectObject, (12) addToSelectedObjects, or (13) removeFromSelectedObjects commands. |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group Policy security settings were successfully updated, even when the processing fails such as when Ntuser.pol cannot be accessed, which could cause system administrators to believe that the system is compliant with the specified settings. |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. |
| Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in PerlCoders BannerFarm 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) aff and (2) cat parameters. |
| Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code. |
| The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost. |
| PHP remote file inclusion vulnerability in stats.php in MyGamingLadder 7.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir[base] parameter. |
| Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via text strings that are not null terminated, which triggers a null dereference. |
| Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community Architect Guestbook allows remote attackers to inject arbitrary web script or HTML by signing the guestbook, which is displayed by fsguestbook.html. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by some sources, but that is just one attack; the primary vulnerability is eval injection. |
| Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php. |
| Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment." |
| Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string. |
| Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute. |
| Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used in the book_vistor function in includes/functions.php. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue. |
| Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code. |
