Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0744 1 Horde 1 Imp 2026-04-16 N/A
Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.
CVE-2001-0745 1 Netscape 1 Messanger 2026-04-16 N/A
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
CVE-2001-0924 1 Ibm 1 Informix Web Datablade 2026-04-16 N/A
Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter.
CVE-2001-0930 1 Sendpage 1 Sendpage.pl 2026-04-16 N/A
Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters.
CVE-2001-0934 1 Cooolsoft 1 Powerftp 2026-04-16 N/A
Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname.
CVE-2006-2870 1 Intelligent Solutions 1 Asp Discussion Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in forum_search.asp in Intelligent Solutions Inc. ASP Discussion Forum allows remote attackers to inject arbitrary web script or HTML via the search variable.
CVE-2006-1334 1 Maian Script World 1 Maian Weblog 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php.
CVE-2001-0938 1 Persits 1 Aspupload 2026-04-16 N/A
Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
CVE-2001-0940 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name.
CVE-2001-0956 1 Speechio 1 Speechd 2026-04-16 N/A
speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters.
CVE-2006-1336 1 Extcalendar 1 Extcalendar 2026-04-16 N/A
Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 and possibly other versions before 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) year, (2) month, (3) next, and (4) prev parameters.
CVE-2006-1339 1 Cutephp 1 Cutenews 2026-04-16 N/A
Directory traversal vulnerability in inc/functions.inc.php in CuteNews 1.4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the archive parameter in an HTTP POST or COOKIE request, which bypasses a sanity check that is only applied to a GET request.
CVE-2001-0959 2 Broadcom, Ca 3 Arcserve Backup, Arcserve Backup 2000, Arcserve Backup 2000 2026-04-16 N/A
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files.
CVE-2006-0969 1 Pixelartkingdom 1 Top Sites 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in Top sites de PixelArtKingdom allows remote attackers to include and execute arbitrary files via the page parameter.
CVE-2001-0961 1 John E. Davis 1 Most 2026-04-16 N/A
Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most.
CVE-2001-0962 1 Ibm 2 Websphere Application Server, Websphere Commerce Suite 2026-04-16 N/A
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
CVE-2006-1340 1 Cutephp 1 Cutenews 2026-04-16 N/A
CuteNews 1.4.1 and possibly other versions allows remote attackers to obtain the installation path via unspecified vectors involving an invalid file path.
CVE-2001-0963 1 Pi-soft 1 Spoonftp 2026-04-16 N/A
Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.
CVE-2001-0966 1 Nudester.org 1 Nudester 2026-04-16 N/A
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.
CVE-2001-0968 1 Knox Software 1 Arkeia 2026-04-16 N/A
Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.