Export limit exceeded: 366027 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366027 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366027 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366027 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1613 1 Aweb Labs 1 Awebnews 2026-04-16 N/A
Multiple SQL injection vulnerabilities in aWebNews 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user123 variable in (a) login.php or (b) fpass.php; or (2) cid parameter to (c) visview.php.
CVE-2000-0908 1 Netcplus 1 Browsegate 2026-04-16 N/A
BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.
CVE-1999-0418 2026-04-16 N/A
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.
CVE-2006-1606 1 Exponent 1 Exponent Cms 2026-04-16 N/A
Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows "directory disclosure" with unknown attack vectors.
CVE-2006-1605 1 Exponent 1 Exponent Cms 2026-04-16 N/A
Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows remote attackers to execute arbitrary code via unknown vectors involving "parsed PHP."
CVE-1999-0416 1 Cisco 1 Cisco 7xx Routers 2026-04-16 N/A
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.
CVE-2006-1603 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-1999-0406 1 Digital 1 Unix 2026-04-16 N/A
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
CVE-2000-0899 1 Max Feoktistov 1 Small Http Server 2026-04-16 N/A
Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests.
CVE-1999-0396 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2026-04-16 N/A
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
CVE-1999-0394 2026-04-16 N/A
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.
CVE-1999-0340 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Buffer overflow in Linux Slackware crond program allows local users to gain root access.
CVE-2006-4474 1 Joomla 1 Joomla 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search.
CVE-1999-0320 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.
CVE-2006-1584 1 Juliusz Julas Gonera 1 Warcraft Iii Replay Parser Php 2026-04-16 N/A
Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.
CVE-2006-1577 1 Mantis 1 Mantis 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.php in Mantis 1.0.1, 1.0.0rc5, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) start_day, (2) start_year, and (3) start_month parameters.
CVE-2006-1574 1 Hitachi 4 Groupmax World Wide Web, Groupmax World Wide Web Desktop, Groupmax World Wide Web Desktop Scheduler and 1 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2006-1563 1 Vscripts 1 Vbook 2026-04-16 N/A
Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts.
CVE-2006-3580 1 Asp Stats Generator 1 Asp Stats Generator 2026-04-16 N/A
SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter.
CVE-2006-1559 1 Php 1 Php Script Index 2026-04-16 N/A
SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.