Latest CVE Feed
-
2.6
LOWCVE-2006-4071
Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in Microsoft Windows XP, Server 2003, and possibly other versions, allows user-assisted attackers to cause a denial of service (application crash) via a crafte... Read more
- EPSS Score: %22.84
- Published: Aug. 10, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2005-1576
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file... Read more
Affected Products : firefox- EPSS Score: %0.49
- Published: May. 12, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2007-4831
Multiple cross-site scripting (XSS) vulnerabilities in account_settings.php in TorrentTrader 1.07 allow remote attackers to inject arbitrary web script or HTML via the (1) avatar and (2) title parameters.... Read more
Affected Products : torrenttrader- EPSS Score: %0.33
- Published: Sep. 12, 2007
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2006-1642
Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) the search_terms parameter to (a) search.php, and (2) the first_name, (3) last_name, (4) email, (5) password, and (6) confirm... Read more
Affected Products : interact- EPSS Score: %0.43
- Published: Apr. 06, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2001-1353
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.... Read more
Affected Products : ghostscript- EPSS Score: %0.07
- Published: Sep. 18, 2001
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1750
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Autogallery 0.41 allow remote attackers to inject arbitrary web script or HTML via the (1) pic or (2) show parameters.... Read more
Affected Products : autogallery- EPSS Score: %0.57
- Published: Apr. 12, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2010-1515
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) article-id parameter in conjunction with a /admin/news/article/list PA... Read more
Affected Products : tomatocms- EPSS Score: %0.31
- Published: Jun. 15, 2010
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2001-0089
Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form" vulnerability.... Read more
Affected Products : internet_explorer- EPSS Score: %38.30
- Published: Feb. 16, 2001
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-1999-0031
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.... Read more
- EPSS Score: %2.94
- Published: Jul. 08, 1997
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-4011
PHP remote file inclusion vulnerability in esupport/admin/autoclose.php in Kayako eSupport 2.3.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the subd parameter.... Read more
Affected Products : esupport- EPSS Score: %5.04
- Published: Aug. 07, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3305
Multiple cross-site scripting (XSS) vulnerabilities in UebiMiau Webmail 2.7.10, and 2.7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) f_user parameter in index.php, the (2) pag parameter in messages.php, or the (3... Read more
Affected Products : uebimiau- EPSS Score: %0.53
- Published: Jun. 29, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2005-1793
User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service (crash) via an icon (.ico) bitmap file with large width and height values.... Read more
Affected Products : windows_98se- EPSS Score: %8.92
- Published: Jun. 01, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2005-2343
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which p... Read more
- EPSS Score: %1.95
- Published: Dec. 31, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2013-4877
The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not use CAVE authentication, which makes it easier for remote attackers to obtain ESN and MIN values from arbitrary phones, and conduct cloning attacks, by sniffing the network for registra... Read more
Affected Products : wireless_network_extender- EPSS Score: %0.24
- Published: Jul. 18, 2013
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2009-1986
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality via unknown vectors.... Read more
Affected Products : e-business_suite- EPSS Score: %0.52
- Published: Jul. 14, 2009
- Modified: Apr. 09, 2025
-
2.6
LOWCVE-2006-1918
Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 allow remote attackers to inject arbitrary web script or HTML via the menuid parameter to (1) index.php or (2) forum.php, or the (3) reporeid_print parameter to print.php.... Read more
Affected Products : papoo- EPSS Score: %0.41
- Published: Apr. 20, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2010-4783
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) siteurl and (2) urlbanner paramet... Read more
Affected Products : easy_banner_free- EPSS Score: %4.38
- Published: Apr. 07, 2011
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2006-1675
Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and... Read more
Affected Products : phpwebgallery- EPSS Score: %0.56
- Published: Apr. 10, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1699
Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the banner parameter in view mode.... Read more
Affected Products : banner_generator- EPSS Score: %0.53
- Published: Apr. 11, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1745
Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third... Read more
Affected Products : bitweaver- EPSS Score: %0.40
- Published: Apr. 12, 2006
- Modified: Apr. 03, 2025