Export limit exceeded: 359472 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0906 | 1 Top Line | 1 D3jeeb Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to execute arbitrary SQL commands via the catid parameter in (1) fastlinks.php and (2) catogary.php. | ||||
| CVE-2006-1331 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) method or (2) list parameter. | ||||
| CVE-2006-2868 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php. | ||||
| CVE-2001-0924 | 1 Ibm | 1 Informix Web Datablade | 2026-04-16 | N/A |
| Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter. | ||||
| CVE-2001-0930 | 1 Sendpage | 1 Sendpage.pl | 2026-04-16 | N/A |
| Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | ||||
| CVE-2001-0934 | 1 Cooolsoft | 1 Powerftp | 2026-04-16 | N/A |
| Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname. | ||||
| CVE-2006-1334 | 1 Maian Script World | 1 Maian Weblog | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php. | ||||
| CVE-2006-2870 | 1 Intelligent Solutions | 1 Asp Discussion Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in forum_search.asp in Intelligent Solutions Inc. ASP Discussion Forum allows remote attackers to inject arbitrary web script or HTML via the search variable. | ||||
| CVE-2001-0938 | 1 Persits | 1 Aspupload | 2026-04-16 | N/A |
| Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp. | ||||
| CVE-2001-0940 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. | ||||
| CVE-2001-0956 | 1 Speechio | 1 Speechd | 2026-04-16 | N/A |
| speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2006-1336 | 1 Extcalendar | 1 Extcalendar | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 and possibly other versions before 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) year, (2) month, (3) next, and (4) prev parameters. | ||||
| CVE-2006-2872 | 1 Rumble | 1 Rumble | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in config.php in Rumble 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the configArr[pathtodir] parameter. | ||||
| CVE-2006-1339 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Directory traversal vulnerability in inc/functions.inc.php in CuteNews 1.4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the archive parameter in an HTTP POST or COOKIE request, which bypasses a sanity check that is only applied to a GET request. | ||||
| CVE-2001-0959 | 2 Broadcom, Ca | 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 | 2026-04-16 | N/A |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | ||||
| CVE-2006-0969 | 1 Pixelartkingdom | 1 Top Sites | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in Top sites de PixelArtKingdom allows remote attackers to include and execute arbitrary files via the page parameter. | ||||
| CVE-2001-0961 | 1 John E. Davis | 1 Most | 2026-04-16 | N/A |
| Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most. | ||||
| CVE-2001-0962 | 1 Ibm | 2 Websphere Application Server, Websphere Commerce Suite | 2026-04-16 | N/A |
| IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | ||||
| CVE-2006-1340 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path via unspecified vectors involving an invalid file path. | ||||
| CVE-2001-0963 | 1 Pi-soft | 1 Spoonftp | 2026-04-16 | N/A |
| Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command. | ||||