Export limit exceeded: 29921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29921 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0248 | 1 Phpx | 1 Phpx | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum. | ||||
| CVE-2006-2847 | 1 Full Revolution | 1 Aspweblinks | 2026-04-16 | N/A |
| SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote attackers to execute arbitrary SQL commands via the linkID parameter. | ||||
| CVE-2004-0255 | 1 Xlight Ftp Server | 1 Xlight Ftp Server | 2026-04-16 | N/A |
| Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow. | ||||
| CVE-2006-1712 | 1 Gnu | 1 Mailman | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument. | ||||
| CVE-2006-3541 | 1 Kyberna | 1 Ky2help | 2026-04-16 | N/A |
| SQL injection vulnerability in Meine Links (aka My Links) in Kyberna ky2help allows remote authenticated users to execute arbitrary SQL commands via unspecified "textboxes." | ||||
| CVE-2004-0259 | 1 Joe Lumbroso Acks | 1 Formmail.php | 2026-04-16 | N/A |
| The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue. | ||||
| CVE-2004-0266 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter. | ||||
| CVE-2006-1713 | 1 Phpmyforum | 1 Phpmyforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2006-2851 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, which are not properly handled when the client is using Internet Explorer. | ||||
| CVE-2004-0274 | 1 Eggheads | 1 Eggdrop Irc Bot | 2026-04-16 | N/A |
| Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED status to a bot that is not a sharebot, which allows remote attackers to use STAT_OFFERED to promote a bot to a sharebot and conduct unauthorized activities. | ||||
| CVE-2006-1716 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, although it might stem from the same core issue. | ||||
| CVE-2006-1723 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-04-16 | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. | ||||
| CVE-2004-0278 | 1 Ratbag | 5 Dirt Track Racing, Dirt Track Racing Australia, Dirt Track Racing Sprint Cars and 2 more | 2026-04-16 | N/A |
| Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet that specifies the length of data to read and then sends a second TCP packet that contains less data than specified, which causes Ratbag to repeatedly check the socket for more data. | ||||
| CVE-2004-0282 | 1 Crob | 1 Crob Ftp Server | 2026-04-16 | N/A |
| Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server. | ||||
| CVE-2006-1724 | 3 Debian, Mozilla, Redhat | 6 Debian Linux, Firefox, Mozilla Suite and 3 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. | ||||
| CVE-2004-0295 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection. | ||||
| CVE-2004-0296 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a TsFtpSrv.exe to exit with an exception by opening and immediately closing a connection. | ||||
| CVE-2004-0300 | 1 Ecommerce Corporation Online | 1 Store Kit | 2026-04-16 | N/A |
| SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id parameter in listing.php. | ||||
| CVE-2004-0309 | 1 Zonelabs | 2 Integrity, Zonealarm | 2026-04-16 | N/A |
| Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. | ||||
| CVE-2004-0618 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument. | ||||