Search Results (362761 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0720 1 Mcnews 1 Mcnews 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin/header.php in PHP mcNews 1.3 allows remote attackers to execute arbitrary PHP code by modifying the skinfile parameter to reference a URL on a remote web server that contains the code.
CVE-2003-1157 1 Citrix 1 Metaframe 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.
CVE-2005-0725 1 Wf-sections 1 Wf-sections 2026-04-16 N/A
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php.
CVE-2005-2175 1 Ibm 1 Lotus Notes 2026-04-16 N/A
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
CVE-2003-1158 1 Plug And Play Software 1 Plug And Play Web Server 2026-04-16 N/A
Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands.
CVE-2003-1163 1 Ganglia 1 Gmond 2026-04-16 N/A
hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index.
CVE-2003-1169 1 Datev 1 Nutzungskontrolle 2026-04-16 N/A
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.
CVE-2005-0726 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter.
CVE-2003-1170 1 Gernot Stocker 1 Kpopup 2026-04-16 N/A
Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments.
CVE-2003-1173 1 Centrinity 1 Centrinity Firstclass 2026-04-16 N/A
Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory.
CVE-2002-2152 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected.
CVE-2003-1174 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.
CVE-2002-2158 1 Zendocs 1 Zentrack 2026-04-16 N/A
zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message.
CVE-2003-1183 1 Oracle 1 Oracle Files 2026-04-16 N/A
The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access.
CVE-2003-1145 1 Openautoclassifieds 1 Openautoclassifieds 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.
CVE-2005-2165 1 Globalnotescript 1 Globalnotescript 2026-04-16 N/A
read.cgi in GlobalNoteScript allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameters.
CVE-2003-1142 1 Network Instruments 1 Niprint Lpd-lpr Print Server 2026-04-16 N/A
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
CVE-2004-1086 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2026-04-16 N/A
Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.
CVE-2003-1141 1 Network Instruments 1 Niprint Lpd-lpr Print Server 2026-04-16 N/A
Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.
CVE-2002-2107 1 Veridis 1 Openkeyserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the lookup script in Veridis OpenKeyServer (OKS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.