Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2116 1 Planet Concept 1 Planetgallery 2026-04-16 N/A
planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php.
CVE-2006-2124 1 Turnkey Solutions 1 Sunshop Shopping Cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) itemid, (5) id, and (6) action parameters in index.php.
CVE-2006-2136 1 Aznews 1 Aznews 2026-04-16 N/A
SQL injection vulnerability in news.php in AZNEWS allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2006-2138 1 Neomail 1 Neomail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter.
CVE-2006-2139 1 Wilsonncareabusinesses 1 Php Newsfeed 2026-04-16 N/A
Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to (c) delete.php, or (8) tablename parameter to (d) searchnews.php.
CVE-2006-2141 1 Collaborative Portal Server Project 1 Collaborative Portal Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pos argument.
CVE-2006-2142 1 Limbo Cms 1 Limbo Cms 2026-04-16 N/A
PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter.
CVE-2006-3034 1 Myscrapbook 1 Myscrapbook 2026-04-16 N/A
MyScrapbook 3.1 allows remote attackers to obtain sensitive information via a direct request to files in the txt-db-api directory such as txt-db-api/sql.php, which reveals the path in an error message.
CVE-2002-1199 3 Caldera, Sco, Sun 4 Openlinux, Openserver, Solaris and 1 more 2026-04-16 N/A
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
CVE-2006-3043 1 Cfxe-cms 1 Cfxe-cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter.
CVE-2002-1220 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2026-04-16 N/A
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
CVE-2002-1252 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler.
CVE-2002-1296 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
CVE-2006-3078 1 Apboard 1 Apboard 2026-04-16 N/A
Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID parameter in board.php and (2) viewcatmod parameter in main.php.
CVE-2002-1528 1 Mondosoft 1 Mondosearch 2026-04-16 N/A
MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter.
CVE-2006-3176 1 Xaran 1 Xaran Cms 2026-04-16 N/A
SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-3179 1 Swsoft 1 Confixx 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter.
CVE-2006-3180 1 Swsoft 1 Confixx 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
CVE-2002-1549 1 Light Httpd 1 Light Httpd 2026-04-16 N/A
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2003-0002 1 Microsoft 1 Content Management Server 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.