Export limit exceeded: 362205 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362205 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0130 1 Berlios 1 Konversation 2026-04-16 N/A
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts.
CVE-2002-1702 1 Deltascripts 1 Php Classifieds 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter.
CVE-2002-0671 1 Pingtel 2 Xpressa, Xpressa Firmware 2026-04-16 9.8 Critical
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.
CVE-2002-1704 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remote attackers to execute arbitrary PHP code by modifying the _zb_path parameter to reference a URL on a remote web server that contains the code.
CVE-2002-1705 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight.
CVE-2002-1706 1 Cisco 3 Ios, Ubr7100, Ubr7200 2026-04-16 7.5 High
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
CVE-2002-1707 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code.
CVE-2004-1838 1 Xweb 1 Xweb 2026-04-16 N/A
Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the URL.
CVE-2006-4822 1 Emusoft 1 Emucms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page parameters.
CVE-2002-1708 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields.
CVE-2005-0133 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers.
CVE-2001-1323 2 Mit, Redhat 2 Kerberos 5, Linux 2026-04-16 N/A
Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.
CVE-2002-1710 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
CVE-2002-1713 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 5.5 Medium
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.
CVE-2002-1719 1 Bavo 1 Bavo 2026-04-16 N/A
Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages.
CVE-2002-1722 1 Logitech 3 Cordless Freedom Itouch Keyboard, Cordless Itouch Keyboard, Itouch Keyboard 2026-04-16 N/A
Logitech iTouch keyboards allows attackers with physical access to the system to bypass the screen locking function and execute user-defined commands that have been assigned to a button.
CVE-2002-1720 1 Outfront 1 Spooky Login 2026-04-16 N/A
SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authentication and gain privileges via the password field.
CVE-2002-1723 1 Powerboards 1 Powerboards 2026-04-16 N/A
Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message.
CVE-2001-1345 1 Jetico 1 Bestcrypt 2026-04-16 N/A
bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck utility program, which allows local users to gain privileges by modifying the PATH to point to a Trojan horse program.
CVE-2002-1725 1 Onlinetools.org 1 Phpimageview 2026-04-16 N/A
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function.