Export limit exceeded: 361785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 361785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (361785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2240 1 Phorum 1 Phorum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php.
CVE-2005-1961 1 Objectweb 1 Consortium C-jdbc 2026-04-16 N/A
Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass intended access restrictions and obtain the cache results from another user.
CVE-2004-2243 1 Phorum 1 Phorum 2026-04-16 N/A
Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. NOTE: the affected version was reported to be 4.3.7, but this may be erroneous.
CVE-2004-0291 1 Yabb 1 Yabb 2026-04-16 N/A
SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter.
CVE-2004-2247 1 Goosequill 1 Audienceconnect 2026-04-16 N/A
Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact and attack vectors.
CVE-2005-1965 1 Glen Campbell 1 Siteframe 2026-04-16 N/A
PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCAL_PATH parameter.
CVE-2004-2248 1 Goosequill 1 Remoteeditor 2026-04-16 N/A
Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions."
CVE-2000-0152 1 Novell 1 Bordermanager 2026-04-16 N/A
Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.
CVE-2004-0292 1 Karjasoft 1 Sami Http Server 2026-04-16 N/A
Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
CVE-2004-2252 1 Sophos 1 Astaro Security Linux 2026-04-16 N/A
The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks.
CVE-2004-2255 1 Phpmyfaq 1 Phpmyfaq 2026-04-16 N/A
Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename.
CVE-2004-2256 1 Phpmyfaq 1 Phpmyfaq 2026-04-16 N/A
Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. sequences in the lang (language) variable.
CVE-2004-2258 1 Hummingbird 1 Exceed 2026-04-16 N/A
Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab.
CVE-2004-0293 1 Shopcartcgi 1 Shopcartcgi 2026-04-16 N/A
Directory traversal vulnerability in ShopCartCGI 2.3 allows remote attackers to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.
CVE-2004-2265 1 Uudeview 1 Uudeview 2026-04-16 N/A
UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact.
CVE-2000-0161 1 Microsoft 1 Site Server 2026-04-16 N/A
Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands.
CVE-2004-2268 1 Pimentech 1 Pimengest2 2026-04-16 N/A
PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php.
CVE-2004-2273 1 Evan Sims 1 Effingerd 2026-04-16 N/A
efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a packet with a single byte, which triggers a "Wrong protocol or connection state" error.
CVE-2004-2274 1 W3c 1 Jigsaw 2026-04-16 N/A
Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI.
CVE-2005-1968 1 Early Impact 1 Productcart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the error parameter to techErr.asp.