Export limit exceeded: 29910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29910 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2766 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server. | ||||
| CVE-2005-2786 | 1 Cosmoshop | 1 Cosmoshop | 2026-04-16 | N/A |
| Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter. | ||||
| CVE-2005-2785 | 1 Cosmoshop | 1 Cosmoshop | 2026-04-16 | N/A |
| cosmoshop 8.10.78 and earlier stores passwords in plaintext in the database, which allows local users to obtain sensitive information. | ||||
| CVE-2005-2842 | 1 Dameware Development | 1 Mini Remote Control Server | 2026-04-16 | N/A |
| Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username. | ||||
| CVE-2005-2846 | 1 Cmsmadesimple | 1 Cms Made Simple | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lang.php in CMS Made Simple 0.10 and earlier allows remote attackers to execute arbitrary PHP code via the nls[file][vx][vxsfx] parameter. | ||||
| CVE-2005-2841 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. | ||||
| CVE-2006-1544 | 1 Vscripts | 1 Vnews | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters. | ||||
| CVE-2006-1551 | 1 Georges Auberger | 1 Pajax | 2026-04-16 | N/A |
| Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | ||||
| CVE-2006-1561 | 1 Vscripts | 1 Vbook | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter. | ||||
| CVE-2006-1572 | 1 O2php.com | 1 Oxygen | 2026-04-16 | N/A |
| SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action. | ||||
| CVE-2006-1557 | 1 Skintech | 1 X-changer | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary SQL commands via the (1) from and (2) into parameters in a calculate action, and the (3) id parameter in an edit action to index.php. | ||||
| CVE-2006-1570 | 1 Esqlanelapse | 1 Esqlanelapse | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2006-1569 | 1 Redcms | 1 Redcms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php. | ||||
| CVE-2006-1581 | 1 Blanknberg | 1 Blanknberg | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the _path parameter. | ||||
| CVE-2006-4502 | 1 Ztml | 1 Ezportal Ztml Cms | 2026-04-16 | N/A |
| ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication controls via a direct request to the "Administration Area" script. | ||||
| CVE-2006-1589 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| The elf_load_file function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service (kernel crash) via an ELF interpreter that does not have a PT_LOAD section in its header, which triggers a null dereference. | ||||
| CVE-2006-1585 | 1 3dsrc | 1 Monalbum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php. | ||||
| CVE-2006-1598 | 1 An | 1 An-httpd | 2026-04-16 | N/A |
| AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension. | ||||
| CVE-2006-1599 | 1 V-creator.com | 1 V-creator | 2026-04-16 | N/A |
| Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3, when the VC_CRYPTO_METHOD option is OPENSSL, allows remote attackers to execute arbitrary commands, possibly due to problems in the (1) encrypt and (2) decrypt functions. | ||||
| CVE-2006-1618 | 1 Doomsday | 1 Doomsday | 2026-04-16 | N/A |
| Format string vulnerability in the (1) Con_message and (2) conPrintf functions in con_main.c in Doomsday engine 1.8.6 allows remote attackers to execute arbitrary code via format string specifiers in an argument to the JOIN command, and possibly other command arguments. | ||||