| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request. |
| Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program. |
| The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. |
| surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions. |
| wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. |
| Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. |
| The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. |
| Buffer overflow in SCO scohelp program allows remote attackers to execute commands. |
| Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. |
| Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands. |
| The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command. |
| Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections. |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. |
| The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. |
| The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions. |