Export limit exceeded: 363248 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363248 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1048 1 Topher1kenobe 1 Awol 2026-04-16 N/A
AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2001-1051 1 Dark Hart Portal 1 Darkportal-unix 2026-04-16 N/A
Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2005-4042 1 Mr. Cgi Guy 1 Warm Links 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi.
CVE-2001-1059 1 Vmware 1 Workstation 2026-04-16 N/A
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information.
CVE-2001-1063 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument.
CVE-2005-4051 1 E107 1 E107 2026-04-16 N/A
e107 0.6174 allows remote attackers to vote multiple times for a download via repeated requests to rate.php.
CVE-2005-4053 1 Cowiki 1 Cowiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter, as demonstrated using 26.html.
CVE-2006-1439 1 Apple 1 Mac Os X 2026-04-16 N/A
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under certain circumstances, which could allow other applications in the window session to monitor input characters and keyboard events.
CVE-2004-1515 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php.
CVE-2005-4055 1 Cars Portal 1 Cars Portal 2026-04-16 N/A
SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters.
CVE-2001-1118 1 Roxen 1 Roxen Webserver 2026-04-16 N/A
A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL.
CVE-2001-1124 1 Hp 1 Hp-ux 2026-04-16 N/A
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.
CVE-2004-1525 1 New Media Generation 1 Hired Team Trial 2026-04-16 N/A
Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via the status command.
CVE-2006-1636 1 Vwar 1 Virtual War 2026-04-16 N/A
PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503.
CVE-2001-1137 1 D-link 1 Dl-704 2026-04-16 N/A
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments.
CVE-2004-1535 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.
CVE-2005-4059 1 Locazo 1 Locazolist 2026-04-16 N/A
SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter.
CVE-2005-4060 1 Rainworx 1 Rwauction Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter.
CVE-2004-1554 1 Alexphpteam 1 Alex Guestbook 2026-04-16 N/A
PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.
CVE-2005-4065 1 Edgewall Software 1 Trac 2026-04-16 N/A
SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.