Full List

Search

Recent Vulnerabilities

• CVE-2001-0211 • published on March 9, 2001 Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter.
• CVE-2001-0212 • published on March 9, 2001 Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters.
• CVE-2001-0216 • published on March 9, 2001 PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.
• CVE-2001-0214 • published on March 9, 2001 Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte.
• CVE-2001-0224 • published on March 9, 2001 Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter.
• CVE-2001-0226 • published on March 9, 2001 Directory traversal vulnerability in BiblioWeb web server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) or ... attack in an HTTP GET request.
• CVE-2001-0228 • published on March 9, 2001 Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.
• CVE-2001-0213 • published on March 9, 2001 Buffer overflow in pi program in PlanetIntra 2.5 allows remote attackers to execute arbitrary commands.
• CVE-2001-0201 • published on March 9, 2001 The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program.
• CVE-2001-0202 • published on March 9, 2001 Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
• CVE-2001-0209 • published on March 9, 2001 Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1.7.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long description.
• CVE-2001-0217 • published on March 9, 2001 Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.
• CVE-2001-0220 • published on March 9, 2001 Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.
• CVE-2001-0225 • published on March 9, 2001 fortran math component in Infobot 0.44.5.3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
• CVE-2001-0227 • published on March 9, 2001 Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.
• CVE-2001-0231 • published on March 9, 2001 Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrary files via a .. in the "t" parameter.
• CVE-1999-0359 • published on February 14, 2001 ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords.
• CVE-1999-0757 • published on February 14, 2001 The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
• CVE-1999-0784 • published on February 14, 2001 Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
• CVE-1999-0805 • published on February 14, 2001 Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.