Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4622 1 Comscripts 1 Annoncev 2026-04-16 N/A
PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
CVE-2004-2314 1 Novell 1 Ichain 2026-04-16 N/A
The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, which allows remote attackers to gain access.
CVE-2006-4628 1 Vcd-db 1 Vcd-db 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments.
CVE-2004-2342 1 Burton Sang 1 Chatterbox 2026-04-16 N/A
ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using "aaaaaa".
CVE-2006-4643 1 Uni-vert 1 Phpleague 2026-04-16 N/A
SQL injection vulnerability in consult/joueurs.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the id_joueur parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2004-2337 1 Inlook 1 Inlook 2026-04-16 N/A
The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials.
CVE-2004-2365 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.
CVE-2006-4660 1 Icq Inc 1 Icq Toolbar 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed module in AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) allow remote attackers to process arbitrary web script or HTML in the Feeds interface context via the (1) title and (2) description elements within an item element in an RSS feed.
CVE-2006-4662 1 Mirabilis 1 Icq 2026-04-16 N/A
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
CVE-2004-2410 1 Samhain Labs 1 Samhain 2026-04-16 N/A
Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).
CVE-2004-2470 1 Madbms 1 Madbms 2026-04-16 N/A
Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins.
CVE-2006-4675 1 Andreas Gohr 1 Dokuwiki 2026-04-16 N/A
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors.
CVE-2006-4680 1 Canon 7 Imagerunner 2620, Imagerunner 5020, Imagerunner 6870 and 4 more 2026-04-16 N/A
The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information.
CVE-2006-4684 1 Zope 1 Zope 2026-04-16 N/A
The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458.
CVE-2004-2488 1 Nexgen 1 Nexgen Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via "C:" sequences in the (1) RETR (get), (2) NLST (ls), (3) LIST (ls), (4) RNFR, or (5) RNTO FTP commands.
CVE-2004-2643 1 Microsoft 1 Cabarc 2026-04-16 N/A
Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.
CVE-2006-4708 1 Vikingboard 1 Vikingboard 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php.
CVE-2004-2537 1 Netwin 1 Surgemail 2026-04-16 N/A
Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."
CVE-2006-4726 1 Adobe 1 Coldfusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page.
CVE-2004-2559 1 Andreas Gohr 1 Dokuwiki 2026-04-16 N/A
DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks.