Export limit exceeded: 17846 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346944 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0570 | 1 Centrinity | 1 Firstclass Intranet Server | 2026-04-16 | N/A |
| FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header. | ||||
| CVE-2005-0994 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. NOTE: it is possible that item (2) is the result of a typo or editing error from the original research report. | ||||
| CVE-2005-0995 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter to advSearch_h.asp, (2) the redirectUrl parameter to NewCust.asp, (3) the country parameter to storelocator_submit.asp, or (4) the error parameter to techErr.asp. NOTE: it has been reported that storelocator_submit.asp does not exist in ProductCart. | ||||
| CVE-2005-0996 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function. | ||||
| CVE-2005-0999 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter. | ||||
| CVE-2005-1000 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Links module, (3) the ttitle parameter in the viewlinkdetails, viewlinkeditorial, viewlinkcomments, and ratelink actions in the Web_Links module, or (4) the username parameter in the Your_Account module. | ||||
| CVE-2005-1001 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message. | ||||
| CVE-2005-1011 | 1 Iatek | 1 Siteenable | 2026-04-16 | N/A |
| SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | ||||
| CVE-2001-1564 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. | ||||
| CVE-2005-1013 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string. | ||||
| CVE-2002-1416 | 1 Webeasymail | 1 Webeasymail | 2026-04-16 | N/A |
| The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks. | ||||
| CVE-2002-1454 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message. | ||||
| CVE-2002-1462 | 1 Organicphp | 1 Php-affiliate | 2026-04-16 | N/A |
| details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. | ||||
| CVE-2005-1038 | 2 Paul Vixie, Redhat | 2 Vixie Cron, Enterprise Linux | 2026-04-16 | N/A |
| crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. | ||||
| CVE-2005-1039 | 1 Gnu | 1 Coreutils | 2026-04-16 | N/A |
| Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. | ||||
| CVE-2005-1041 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | ||||
| CVE-2005-1042 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. | ||||
| CVE-2005-1048 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. NOTE: the vendor reports that they could not reproduce the issues for 760 RC3, or for .750. | ||||
| CVE-2005-1061 | 2 Logwatch, Redhat | 3 Logwatch, Enterprise Linux, Linux Advanced Workstation | 2026-04-16 | N/A |
| The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS." | ||||
| CVE-2005-1083 | 1 Aewebworks | 1 Aedating | 2026-04-16 | N/A |
| index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter. | ||||