Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1904 | 1 Animegenesis | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis Gallery allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | ||||
| CVE-2004-1941 | 1 Fastream | 1 Netfile Ftp Web Server | 2026-04-16 | N/A |
| Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to cause a denial of service via a username that does not exist. | ||||
| CVE-2004-1943 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. | ||||
| CVE-2004-1944 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message. | ||||
| CVE-2004-1949 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitrary SQL via (1) the sif parameter to index.php in the Comments module or (2) timezoneoffset parameter to changeinfo.php in the Your_Account module. | ||||
| CVE-2006-1906 | 1 Jjgan852 | 1 Phplister | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpLister 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2004-1950 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, which allows remote attackers to spoof IP addresses. | ||||
| CVE-2004-1951 | 1 Xine | 3 Xine, Xine-lib, Xine-ui | 2026-04-16 | N/A |
| xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link. | ||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2026-04-16 | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | ||||
| CVE-2004-1958 | 1 Epic Games | 3 Unreal Engine, Unreal Tournament, Unreal Tournament 2003 | 2026-04-16 | N/A |
| Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in a UMOD (Unreal MOD) file. | ||||
| CVE-2006-1907 | 1 Mywebland | 1 Myevent | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in myEvent 1.x allow remote attackers to inject arbitrary SQL commands via the event_id parameter to (1) addevent.php or (2) del.php or (3) event_desc parameter to addevent.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2004-1959 | 1 Protector System | 1 Protector System | 2026-04-16 | N/A |
| blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | ||||
| CVE-2004-1961 | 1 Protector System | 1 Protector System | 2026-04-16 | N/A |
| blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection and execute limited SQL commands via URL-encoded "'" characters ("%27"). | ||||
| CVE-2006-1909 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences. | ||||
| CVE-2004-1963 | 1 Freshmeat | 1 Network Query Tool | 2026-04-16 | N/A |
| nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obtain sensitive information via a string in the portNum parameter, which reveals the full path in an error message. | ||||
| CVE-2004-1964 | 1 Freshmeat | 1 Network Query Tool | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to inject arbitrary web script or HTML via the portNum parameter. | ||||
| CVE-2004-1969 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to execute arbitrary script by uploading files that include scripting code such as Javascript. | ||||
| CVE-2006-1911 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 allows remote attackers to inject arbitrary web script or HTML via the attachment content disposition in an HTML attachment. | ||||
| CVE-2004-1972 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to execute arbitrary SQL code via the (1) clipid or (2) catid parameters in a viewclip, viewcat, or voteclip action. | ||||
| CVE-2006-4555 | 1 Retro64 | 1 Cr64loader Activex Control | 2026-04-16 | N/A |
| Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of the control. | ||||