Export limit exceeded: 29913 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29913 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4185 | 1 Novell | 1 Edirectory | 2026-04-16 | N/A |
| Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause a denial of service (CPU consumption) via unspecified vectors, as originally demonstrated using a Nessus scan. | ||||
| CVE-2006-4189 | 1 Boonex | 1 Dolphin | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts. | ||||
| CVE-2004-2175 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | ||||
| CVE-2006-3073 | 1 Cisco | 2 Asa 5500, Vpn 3000 Concentrator Series Software | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher. | ||||
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-2181 | 1 Wowbb | 1 Wowbb Web Forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. NOTE: the sort_by vector was later reported to be present in WowBB 1.65. | ||||
| CVE-2006-4191 | 1 Xmb Software | 1 Extreme Message Board | 2026-04-16 | N/A |
| Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php. | ||||
| CVE-2004-2183 | 1 Wehelpbus | 1 Wehelpbus | 2026-04-16 | N/A |
| Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | ||||
| CVE-2004-2184 | 1 Digicraft Software | 1 Yak | 2026-04-16 | N/A |
| Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put. | ||||
| CVE-2004-2189 | 1 Dmxready | 1 Dmxready Site Chassis Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-2190 | 1 Unzoo | 1 Unzoo | 2026-04-16 | N/A |
| Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | ||||
| CVE-2004-2191 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. | ||||
| CVE-2004-2192 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | ||||
| CVE-2004-2193 | 1 Cjoverkill | 1 Cjoverkill | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters. | ||||
| CVE-2004-2197 | 1 Kdocker | 1 Kdocker | 2026-04-16 | N/A |
| kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs. | ||||
| CVE-2004-2199 | 1 Duware | 1 Duclassified | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text. | ||||
| CVE-2004-2202 | 1 Duware | 1 Duclassified | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form. | ||||
| CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2004-2208 | 1 Ideal Science | 1 Idealbb | 2026-04-16 | N/A |
| CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors. | ||||
| CVE-2004-2210 | 1 Express-web | 1 Express-web Content Management System | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. | ||||