Export limit exceeded: 363849 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363849 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363849 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0039 1 Nissc 1 Ipsec 2026-04-16 N/A
Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address.
CVE-2006-3230 1 Azureus Tracker 1 Azureus Tracker 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus Tracker 2.4.0.2 and earlier (Java BitTorrent Client Tracker) allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2002-1730 1 Aspjar 1 Aspjar Guestbook 2026-04-16 N/A
ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true".
CVE-2006-3234 1 Looknet 1 Fineshop 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters.
CVE-2002-1724 1 Onlinetools.org 1 Phpimageview 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote attackers to execute arbitrary script as other users via the pic parameter.
CVE-2006-3235 1 Looknet 1 Fineshop 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) promocja, (2) wysw, or (3) id_produc parameters.
CVE-2002-1740 1 Alt-n 2 Mdaemon, Worldclient 2026-04-16 N/A
Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name (NewFolder parameter).
CVE-2006-3236 1 Thinkfactory 1 Thinkwms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) index.php or (b) printarticle.php, and the (2) catid parameter in index.php.
CVE-2002-1750 1 Cgiscript 1 Csguestbook 2026-04-16 N/A
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
CVE-2002-1751 1 Cgiscript.net 1 Cslivesupport 2026-04-16 N/A
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
CVE-2005-0049 1 Microsoft 2 Sharepoint Portal Server, Sharepoint Team Services 2026-04-16 N/A
Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache.
CVE-2006-3251 1 Hashcash 1 Hashcash 2026-04-16 N/A
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.
CVE-2002-1761 1 Phprojekt 1 Phprojekt 2026-04-16 N/A
Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
CVE-2006-3257 1 Claroline 1 Claroline 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php.
CVE-2006-3258 1 Bnbt 2 Easytracker, Trinedit 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.html in BNBT TrinEdit and EasyTracker 7.7r3.2004.10.27 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) filter or (2) sort parameters.
CVE-2002-1799 1 Phprank 1 Phprank 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter.
CVE-2006-3265 1 Qdig 1 Qdig 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters.
CVE-2006-3267 1 Infinite Core Technologies 1 Ict 2026-04-16 N/A
SQL injection vulnerability in index.php in Infinite Core Technologies (ICT) 1.0 Gold and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2002-1792 1 Fake Identd 1 Fake Identd 2026-04-16 N/A
Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets.
CVE-2006-3270 1 Thorcms 1 Thorcms 2026-04-16 N/A
SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via multiple unspecified parameters, such as the add_link_mid parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.