Export limit exceeded: 359648 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359648 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4053 | 1 Cowiki | 1 Cowiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter, as demonstrated using 26.html. | ||||
| CVE-2006-1439 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events. | ||||
| CVE-2004-1515 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php. | ||||
| CVE-2005-4055 | 1 Cars Portal | 1 Cars Portal | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters. | ||||
| CVE-2001-1118 | 1 Roxen | 1 Roxen Webserver | 2026-04-16 | N/A |
| A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL. | ||||
| CVE-2001-1124 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow. | ||||
| CVE-2004-1525 | 1 New Media Generation | 1 Hired Team Trial | 2026-04-16 | N/A |
| Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via the status command. | ||||
| CVE-2006-1636 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503. | ||||
| CVE-2001-1137 | 1 D-link | 1 Dl-704 | 2026-04-16 | N/A |
| D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. | ||||
| CVE-2004-1535 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-4059 | 1 Locazo | 1 Locazolist | 2026-04-16 | N/A |
| SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter. | ||||
| CVE-2005-4060 | 1 Rainworx | 1 Rwauction Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. | ||||
| CVE-2004-1554 | 1 Alexphpteam | 1 Alex Guestbook | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-4065 | 1 Edgewall Software | 1 Trac | 2026-04-16 | N/A |
| SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-4069 | 1 Sunncomm | 1 Mediamax Drm | 2026-04-16 | N/A |
| SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the "SunnComm Shared" directory, which allows local users to gain privileges by modifying programs installed in that directory, such as MMX.exe. | ||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | ||||
| CVE-2004-1559 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php. | ||||
| CVE-2005-4073 | 1 Cfmagic | 1 Magic List Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in view_archive.cfm in CFMagic Magic List Pro 2.5 allows remote attackers to execute arbitrary SQL commands via the ListID parameter. | ||||
| CVE-2006-1708 | 1 Clansys | 1 Clansys | 2026-04-16 | N/A |
| SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php. | ||||
| CVE-2006-1747 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter to (1) admin/admin.php, (2) war.php, (3) stats.php, (4) news.php, (5) joinus.php, (6) challenge.php, (7) calendar.php, (8) member.php, (9) popup.php, and other unspecified scripts in the admin folder. NOTE: these are different attack vectors than CVE-2006-1636 and CVE-2006-1503. | ||||