Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2001-0705 Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template ar... | N/A | NONE | — | 0 |
| CVE-2001-0706 Maximum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders. | N/A | NONE | — | 0 |
| CVE-2001-0707 Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514. | N/A | NONE | — | 0 |
| CVE-2001-0708 Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. | N/A | NONE | — | 0 |
| CVE-2001-0709 Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. | N/A | NONE | — | 0 |
| CVE-2001-0710 NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | N/A | NONE | — | 0 |
| CVE-2001-0963 Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command. | N/A | NONE | — | 0 |
| CVE-2001-0964 Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command. | N/A | NONE | — | 0 |
| CVE-2001-1018 Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters. | N/A | NONE | — | 0 |
| CVE-2026-22615 Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code... | 6.0 | MEDIUM | — | 0 |
| CVE-2026-3551 The Custom New User Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's admin settings in all versions up to, and including, 1.2.0. This is due to insuffici... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-3581 The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is au... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-10416 A vulnerability was identified in Campcodes Grocery Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_supplier. The manipulation of the argument ID l... | 7.3 | HIGH | — | 0 |
| CVE-2001-1029 libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilitie... | N/A | NONE | — | 0 |
| CVE-2001-0940 Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. | N/A | NONE | — | 0 |
| CVE-2026-33852 Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11. | 7.5 | HIGH | — | 0 |
| CVE-2001-1023 Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName head... | N/A | NONE | — | 0 |
| CVE-2001-0955 Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of char... | N/A | NONE | — | 0 |
| CVE-2001-1034 Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | N/A | NONE | — | 0 |
| CVE-2001-0998 IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in... | N/A | NONE | — | 0 |
| CVE-2001-1032 admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke con... | N/A | NONE | — | 0 |
| CVE-2001-1035 Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post. | N/A | NONE | — | 0 |
| CVE-2026-4754 CWE-79 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11. | 6.1 | MEDIUM | — | 0 |
| CVE-2001-1033 Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state. | N/A | NONE | — | 0 |
| CVE-2001-1293 Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. | N/A | NONE | — | 0 |
| CVE-2001-1383 initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. | N/A | NONE | — | 0 |
| CVE-2001-1031 Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the ls/LIST command, or (2) a ... in the cd/CWD command. | N/A | NONE | — | 0 |
| CVE-2001-1253 Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users. | N/A | NONE | — | 0 |
| CVE-2001-1254 Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which c... | N/A | NONE | — | 0 |
| CVE-2001-1382 The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to... | N/A | NONE | — | 0 |
| CVE-2001-1252 Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for... | N/A | NONE | — | 0 |
| CVE-2001-1170 AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers. | N/A | NONE | — | 0 |
| CVE-2001-0731 Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. | N/A | NONE | — | 0 |
| CVE-2025-10417 A security flaw has been discovered in Campcodes Grocery Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=delete_product. The manipulation of the argument I... | 7.3 | HIGH | — | 0 |
| CVE-2026-4755 CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-10418 A weakness has been identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_students.php. This manipulation of the argumen... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-10419 A security vulnerability has been detected in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /del_promote.php. Such manipulation of the arg... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-10420 A vulnerability was detected in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /form137.php. Performing manipulation of the argument ID results in sql injection. T... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-10421 A flaw has been found in SourceCodester Student Grading System 1.0. This vulnerability affects unknown code of the file /update_account.php. Executing manipulation of the argument ID can lead to sql i... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-10422 A vulnerability has been found in newbee-mall up to 613a662adf1da7623ec34459bc83e3c1b12d8ce7. This issue affects the function paySuccess of the file /paySuccess of the component Order Status Handler. ... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-10423 A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file /common/mall/kaptcha. The manipulation results in guessable captcha. The attack can be executed remotely.... | 3.7 | LOW | — | 0 |
| CVE-2025-10424 A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/faculty_con... | 7.3 | HIGH | — | 0 |
| CVE-2025-10425 A vulnerability was identified in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The impacted element is an unknown function of the file /admin/controller/student_con... | 7.3 | HIGH | — | 0 |
| CVE-2025-10426 A security flaw has been discovered in itsourcecode Online Laundry Management System 1.0. This affects an unknown function of the file /login.php. Performing manipulation of the argument Username resu... | 7.3 | HIGH | — | 0 |
| CVE-2025-12257 A security vulnerability has been detected in SourceCodester Online Student Result System 1.0. This issue affects some unknown processing of the file /view_result.php. The manipulation of the argument... | 7.3 | HIGH | — | 0 |
| CVE-2025-12261 A vulnerability was found in CodeAstro Gym Management System 1.0. This affects an unknown function of the file /admin/actions/remove-announcement.php. Performing a manipulation of the argument ID resu... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-12262 A vulnerability was determined in code-projects Online Event Judging System 1.0. This impacts an unknown function of the file /edit_criteria.php. Executing manipulation of the argument crit_id can lea... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-12263 A vulnerability was identified in code-projects Online Event Judging System 1.0. Affected is an unknown function of the file /edit_judge.php. The manipulation of the argument judge_id leads to sql inj... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-12266 A vulnerability was detected in Zytec Dalian Zhuoyun Technology Central Authentication Service up to 20251009. This vulnerability affects the function _empty of the file /index.php/auth/widget. Perfor... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-12267 A flaw has been found in abhicodebox ModernShop 20250922. This issue affects some unknown processing of the file /search. Executing manipulation of the argument q can lead to cross site scripting. The... | 4.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.