Search Results (360766 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0444 1 Cisco 1 Cbos 2026-04-16 N/A
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
CVE-2001-0446 1 Ibm 1 Websphere Commerce Suite 2026-04-16 N/A
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL.
CVE-2006-1152 1 M Phorum 1 M Phorum 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-0343 1 Hitachi 2 Jpi Netsight Ii Port Discovery Advance, Jpi Netsight Ii Port Discovery Standard 2026-04-16 N/A
Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving "invalid format data".
CVE-2001-0450 1 Transsoft 1 Broker Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name.
CVE-2006-1153 1 D2-shoutbox 1 D2-shoutbox 2026-04-16 N/A
SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).
CVE-2001-0451 1 Sentraweb 1 Indexu 2026-04-16 N/A
INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1.
CVE-2006-1154 1 Fscripts 1 Fantastic News 2026-04-16 N/A
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.
CVE-2006-3143 1 Maximus 1 Schoolmax 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the error_msg parameter.
CVE-2001-0453 1 Brs 1 Webweaver 2026-04-16 N/A
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
CVE-2006-1157 1 Adp 1 Adp Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.
CVE-2001-0458 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more 4 Debian Linux, Mandrake Linux, Eperl and 1 more 2026-04-16 N/A
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
CVE-2001-0459 2 Afterstep.org, Rob Malda 2 Afterstep, Ascdc 2026-04-16 N/A
Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.
CVE-2001-0460 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.
CVE-2006-1161 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder.
CVE-2001-0461 1 Denis Howe 1 Foldoc 2026-04-16 N/A
template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi.
CVE-2006-1162 1 Nodez 1 Nodez 2026-04-16 N/A
Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.
CVE-2001-0462 1 Spencer Christensen 1 Perl Web Server 2026-04-16 N/A
Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2006-1164 1 Nodez 1 Nodez 2026-04-16 N/A
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat.
CVE-2001-0465 1 Intuit 1 Turbo Tax 2026-04-16 N/A
TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information.