Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1657 1 Chucky A. Ivey 1 N.t. 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the "Login Log" page.
CVE-2001-0066 2 Kevin Lindsay, Redhat 2 Secure Locate, Linux 2026-04-16 N/A
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
CVE-2001-0067 1 Judd Montgomery 1 Jpilot 2026-04-16 N/A
The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set.
CVE-2001-1552 1 Microsoft 1 Windows Me 2026-04-16 N/A
ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
CVE-2002-0787 1 Critical Path 1 Injoin Directory Server 2026-04-16 N/A
Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.
CVE-2006-1668 1 Crafty Syntax Image Gallery 1 Crafty Syntax Image Gallery 2026-04-16 N/A
newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php.
CVE-2001-0068 1 Apple 1 Mac Os Runtime For Java 2026-04-16 N/A
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter.
CVE-2006-1670 1 Cisco 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15454 Mstp and 2 more 2026-04-16 N/A
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.
CVE-2002-0784 1 Lysias 1 Lidik Webserver 2026-04-16 N/A
Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot).
CVE-2002-0781 1 Novell 1 Bordermanager 2026-04-16 N/A
RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.
CVE-2000-1224 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
CVE-2006-1685 1 Apt 1 Apt-webshop-system 2026-04-16 N/A
Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allow remote attackers to execute arbitrary SQL commands via the (1) group, (2) seite, and (3) id parameter, possibly involving the artikel functionality. NOTE: this vulnerability also allows resultant path disclosure when the SQL queries are invalid.
CVE-2001-0092 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability.
CVE-2001-0093 1 Freebsd 1 Freebsd 2026-04-16 N/A
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
CVE-2006-1697 1 Matt Wright 1 Matt Wright Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) Your Name, (2) E-Mail, or (3) Comments fields when posting a message.
CVE-2001-0094 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local users to gain root privileges.
CVE-2001-0096 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
CVE-2001-0097 1 Infinite 1 Infinite Interchange 2026-04-16 N/A
The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request.
CVE-2001-0099 1 Brian Stanback 1 Bsguest.cgi 2026-04-16 N/A
bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address.
CVE-2001-0104 1 Alt-n 1 Mdaemon 2026-04-16 N/A
MDaemon Pro 3.5.1 and earlier allows local users to bypass the "lock server" security setting by pressing the Cancel button at the password prompt, then pressing the enter key.