Export limit exceeded: 358957 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2130 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables. | ||||
| CVE-2000-0038 | 1 Glftpd | 1 Glftpd | 2026-04-16 | N/A |
| glFtpD includes a default glftpd user account with a default password and a UID of 0. | ||||
| CVE-2004-2186 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance. | ||||
| CVE-2004-0260 | 1 Cactusoft | 1 Cactushop Lite | 2026-04-16 | N/A |
| The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains a backdoor that allows remote attackers to delete arbitrary files via an email address that starts with |||. | ||||
| CVE-2004-2188 | 1 Dmxready | 1 Dmxready Site Chassis Manager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-1952 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count. | ||||
| CVE-2004-2191 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. | ||||
| CVE-2004-2192 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | ||||
| CVE-2005-1954 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message. | ||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | ||||
| CVE-2004-1690 | 1 Rhinosoft | 1 Dns4me | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL. | ||||
| CVE-2004-2194 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. | ||||
| CVE-2005-1955 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. | ||||
| CVE-2004-1291 | 1 Amir Malik | 1 Qwik Smtpd | 2026-04-16 | N/A |
| Buffer overflow in qwik-smtpd allows remote attackers to use the server as an SMTP spam relay via a long HELO command, which overwrites the adjacent localIP data buffer. | ||||
| CVE-2004-2195 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | ||||
| CVE-2000-0063 | 1 Nortel | 1 Contivity | 2026-04-16 | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | ||||
| CVE-2004-0264 | 2 Jim Rees, Shaun2k2 | 2 Jim Rees Httpd, Palmhttpd | 2026-04-16 | N/A |
| palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue. | ||||
| CVE-2004-1297 | 1 Zack Smith | 1 Unrtf | 2026-04-16 | N/A |
| Buffer overflow in the process_font_table function in convert.c for unrtf 0.19.3 allows remote attackers to execute arbitrary code via a crafted RTF file. | ||||
| CVE-2004-2196 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2026-04-16 | N/A |
| Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | ||||
| CVE-2000-0064 | 1 Nortel | 1 Contivity | 2026-04-16 | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | ||||