Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0921 | 1 Hassan Consulting | 1 Shopping Cart | 2026-04-16 | N/A |
| Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | ||||
| CVE-2001-0808 | 1 Yngve Svendsen | 1 Gnatsweb | 2026-04-16 | N/A |
| gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter. | ||||
| CVE-2001-0807 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file. | ||||
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | ||||
| CVE-2000-0902 | 1 Nathan Purciful | 1 Phpphotoalbum | 2026-04-16 | N/A |
| getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2001-0804 | 1 Valerie Mates | 1 Interactive Story | 2026-04-16 | N/A |
| Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter. | ||||
| CVE-2000-0900 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | N/A |
| Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack. | ||||
| CVE-2001-0801 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | ||||
| CVE-2002-0418 | 1 Endymion | 1 Sake Mail | 2026-04-16 | N/A |
| Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter. | ||||
| CVE-2000-0880 | 1 Plus Technologies | 1 Lpplus | 2026-04-16 | N/A |
| LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file. | ||||
| CVE-2002-0300 | 1 Gnujsp | 1 Gnujsp | 2026-04-16 | N/A |
| gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ and does not process the requested file. | ||||
| CVE-2002-0293 | 1 Alcatel-lucent | 1 Omnipcx | 2026-04-16 | N/A |
| FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file. | ||||
| CVE-2002-0290 | 1 Netwin | 1 Webnews | 2026-04-16 | N/A |
| Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. | ||||
| CVE-2000-0599 | 1 Imesh.com | 1 Imesh | 2026-04-16 | N/A |
| Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port. | ||||
| CVE-2000-0358 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program. | ||||
| CVE-2000-0587 | 1 Glftpd | 1 Glftpd | 2026-04-16 | N/A |
| The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability. | ||||
| CVE-2001-0708 | 1 Denicomp | 1 Rexecd | 2026-04-16 | N/A |
| Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. | ||||
| CVE-2001-0228 | 1 Goahead Software | 1 Goahead Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request. | ||||
| CVE-2006-4368 | 1 Integramod | 1 Integramod Portal | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2000-0353 | 1 University Of Washington | 1 Pine | 2026-04-16 | N/A |
| Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine. | ||||