Export limit exceeded: 13912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4545 | 1 Netdirect | 1 Shopengine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in NetDirect ShopEngine allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-0902 | 1 Linux-nis | 1 Ypserv | 2026-04-16 | N/A |
| ypserv allows local administrators to modify password tables. | ||||
| CVE-2005-4546 | 1 Epic Designs | 1 Eggblog | 2026-04-16 | N/A |
| search.php in eggblog 2.0 allows remote attackers to obtain the full path via an invalid q parameter, as used by the Keyword and Search fields, possibly due to an SQL injection vulnerability. | ||||
| CVE-1999-0910 | 1 Microsoft | 3 Commercial Internet System, Site Server, Site Server Commerce | 2026-04-16 | N/A |
| Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | ||||
| CVE-2005-4547 | 1 Epic Designs | 1 Eggblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in home/search.php in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the q parameter, as used by the Keyword and Search fields. | ||||
| CVE-1999-0911 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | ||||
| CVE-1999-0916 | 1 Webtrends | 5 Webtrends Enterprise Suite, Webtrends For Firewalls, Webtrends Log Analyzer and 2 more | 2026-04-16 | N/A |
| WebTrends software stores account names and passwords in a file which does not have restricted access permissions. | ||||
| CVE-1999-0919 | 1 Motorola | 1 Motorola Cablerouter | 2026-04-16 | N/A |
| A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections. | ||||
| CVE-1999-0924 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. | ||||
| CVE-2005-4550 | 1 Oracle | 1 Application Server Discussion Forum Portlet | 2026-04-16 | N/A |
| The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00). | ||||
| CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2026-04-16 | N/A |
| wwwboard allows a remote attacker to delete message board articles via a malformed argument. | ||||
| CVE-1999-0934 | 2026-04-16 | N/A | ||
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. | ||||
| CVE-2005-4553 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long APPE command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-0935 | 2026-04-16 | N/A | ||
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | ||||
| CVE-1999-0936 | 2026-04-16 | N/A | ||
| BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. | ||||
| CVE-2005-4555 | 1 Dev | 1 Dev Web Management System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in add.php in DEV web management system 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ENTER_ARTICLE_TITLE, (2) SPECIFY_ZONE, (3) ENTER_ARTICLE_HEADER, and (4) ENTER_ARTICLE_BODY indices in the language array parameter. | ||||
| CVE-1999-0937 | 2026-04-16 | N/A | ||
| BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. | ||||
| CVE-1999-0946 | 1 Yamaha | 1 Midiplug | 2026-04-16 | N/A |
| Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag. | ||||
| CVE-1999-0947 | 1 An | 1 An-httpd | 2026-04-16 | N/A |
| AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. | ||||
| CVE-2005-4557 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2026-04-16 | N/A |
| dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability. | ||||