Export limit exceeded: 359583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4470 | 1 Joomla | 1 Joomla\! | 2026-04-16 | N/A |
| Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion. | ||||
| CVE-2006-0489 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the vendor, and that the vendor stated "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk | ||||
| CVE-2006-4471 | 1 Joomla | 1 Joomla\! | 2026-04-16 | N/A |
| The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors. | ||||
| CVE-2006-0490 | 1 Aspthai.net | 1 Aspthai Forums | 2026-04-16 | N/A |
| SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field. | ||||
| CVE-2001-0451 | 1 Sentraweb | 1 Indexu | 2026-04-16 | N/A |
| INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1. | ||||
| CVE-2001-0452 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | ||||
| CVE-2001-0453 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories. | ||||
| CVE-2006-4472 | 1 Joomla | 1 Joomla\! | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task. | ||||
| CVE-2001-0455 | 1 Cisco | 1 Aironet 340 | 2026-04-16 | N/A |
| Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | ||||
| CVE-2001-0457 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). | ||||
| CVE-2001-0461 | 1 Denis Howe | 1 Foldoc | 2026-04-16 | N/A |
| template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi. | ||||
| CVE-2001-0462 | 1 Spencer Christensen | 1 Perl Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2001-0465 | 1 Intuit | 1 Turbo Tax | 2026-04-16 | N/A |
| TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information. | ||||
| CVE-2001-0466 | 1 Microburst | 1 Ustorekeeper Online Shopping System | 2026-04-16 | N/A |
| Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2001-0467 | 1 Robtex | 1 Viking Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request. | ||||
| CVE-2006-0495 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable). | ||||
| CVE-2006-4473 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks. | ||||
| CVE-2006-0497 | 1 Php Gen | 1 Php Gen | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-4474 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search. | ||||
| CVE-2001-0471 | 1 Ssh | 1 Ssh | 2026-04-16 | N/A |
| SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. | ||||