Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2873 | 1 Enigma Haber | 1 Enigma Haber | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in hava.asp in Enigma Haber 4.2 allows remote attackers to inject arbitrary web script or HTML via the il parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2870 | 1 Intelligent Solutions | 1 Asp Discussion Forum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in forum_search.asp in Intelligent Solutions Inc. ASP Discussion Forum allows remote attackers to inject arbitrary web script or HTML via the search variable. | ||||
| CVE-2006-2867 | 1 Coolforum | 1 Coolforum | 2025-04-03 | N/A |
| SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | ||||
| CVE-2006-2864 | 1 Blueshoes | 1 Blueshoes Framework | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in BlueShoes Framework 4.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) APP[path][applications] parameter to (a) Bs_Faq.class.php, (2) APP[path][core] parameter to (b) fileBrowserInner.php, (c) file.php, and (d) viewer.php, and (e) Bs_ImageArchive.class.php, (3) GLOBALS[APP][path][core] parameter to (f) Bs_Ml_User.class.php, or (4) APP[path][plugins] parameter to (g) Bs_Wse_Profile.class.php. | ||||
| CVE-1999-0270 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. | ||||
| CVE-2006-2862 | 1 Particle Soft | 1 Particle Gallery | 2025-04-03 | N/A |
| SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter. | ||||
| CVE-2002-0480 | 1 Iss | 1 Realsecure Nokia | 2025-04-03 | N/A |
| ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. | ||||
| CVE-2000-0455 | 1 David Bagley | 1 Xlock | 2025-04-03 | N/A |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | ||||
| CVE-2006-2861 | 1 Particle Soft | 1 Particle Wiki | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | ||||
| CVE-2006-2855 | 1 Xuebook | 1 Xuebook | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter. | ||||
| CVE-2006-2844 | 1 Redaxo | 1 Redaxo | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php. | ||||
| CVE-2002-0512 | 1 Caldera | 2 Openlinux Server, Openlinux Workstation | 2025-04-03 | N/A |
| startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries. | ||||
| CVE-2000-0454 | 1 Mandrakesoft | 1 Mandrake Linux | 2025-04-03 | N/A |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. | ||||
| CVE-2006-2838 | 1 F-secure | 2 F-secure Anti-virus, Internet Gatekeeper | 2025-04-03 | N/A |
| Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host. | ||||
| CVE-2006-2835 | 1 Arabless | 1 Saphplesson | 2025-04-03 | N/A |
| SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php. | ||||
| CVE-2006-2833 | 1 Drupal | 1 Drupal | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the taxonomy module in Drupal 4.6.8 and 4.7.2 allows remote attackers to inject arbitrary web script or HTML via inputs that are not properly validated when the page title is output, possibly involving the $names variable. | ||||
| CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2025-04-03 | N/A |
| Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | ||||
| CVE-2004-0353 | 1 Gnu | 1 Anubis | 2025-04-03 | N/A |
| Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | ||||
| CVE-2002-2413 | 2 Deerfield, Microsoft | 3 Website Pro, Windows 9x, Windows Nt | 2025-04-03 | N/A |
| WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name. | ||||
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2025-04-03 | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||