Export limit exceeded: 361785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (361785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1952 1 Pico Server 1 Pico Server 2026-04-16 N/A
Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count.
CVE-2004-2191 1 Turbotraffictrader 1 Turbotraffictrader Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters.
CVE-2004-2192 1 Turbotraffictrader 1 Turbotraffictrader Php 2026-04-16 N/A
SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter.
CVE-2005-1954 1 Singapore 1 Singapore 2026-04-16 N/A
singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message.
CVE-2000-0057 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information.
CVE-2004-1690 1 Rhinosoft 1 Dns4me 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.
CVE-2004-2194 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.
CVE-2005-1955 1 Singapore 1 Singapore 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter.
CVE-2004-1291 1 Amir Malik 1 Qwik Smtpd 2026-04-16 N/A
Buffer overflow in qwik-smtpd allows remote attackers to use the server as an SMTP spam relay via a long HELO command, which overwrites the adjacent localIP data buffer.
CVE-2004-2195 1 Zanfi Solutions 1 Zanfi Cms Lite 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.
CVE-2000-0063 1 Nortel 1 Contivity 2026-04-16 N/A
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
CVE-2004-0264 2 Jim Rees, Shaun2k2 2 Jim Rees Httpd, Palmhttpd 2026-04-16 N/A
palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue.
CVE-2004-1297 1 Zack Smith 1 Unrtf 2026-04-16 N/A
Buffer overflow in the process_font_table function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file.
CVE-2004-2196 1 Zanfi Solutions 1 Zanfi Cms Lite 2026-04-16 N/A
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
CVE-2000-0064 1 Nortel 1 Contivity 2026-04-16 N/A
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
CVE-2004-1298 1 Michael Kohn 1 Vb2c 2026-04-16 N/A
Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows remote attackers to execute arbitrary code via a crafted FRM file.
CVE-2004-2199 1 Duware 1 Duclassified 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text.
CVE-2004-1299 1 Vilistextum 1 Vilistextum 2026-04-16 N/A
Buffer overflow in the get_attr function in html.c for vilistextum 2.6.6 allows remote attackers to execute arbitrary code via a crafted web page.
CVE-2004-2201 1 Duware 1 Duforum 2026-04-16 N/A
SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form.
CVE-2004-2204 1 Macromedia 1 Coldfusion 2026-04-16 N/A
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.