Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2116 | 1 Planet Concept | 1 Planetgallery | 2026-04-16 | N/A |
| planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php. | ||||
| CVE-2006-2124 | 1 Turnkey Solutions | 1 Sunshop Shopping Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) itemid, (5) id, and (6) action parameters in index.php. | ||||
| CVE-2006-2136 | 1 Aznews | 1 Aznews | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in AZNEWS allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2006-2138 | 1 Neomail | 1 Neomail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter. | ||||
| CVE-2006-2139 | 1 Wilsonncareabusinesses | 1 Php Newsfeed | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHP Newsfeed 20040723 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to (a) deltables.php, (2) select, (3) header, (4) url, (5) source, or (6) time parameters to (b) manualsubmit.php, (7) num parameter to (c) delete.php, or (8) tablename parameter to (d) searchnews.php. | ||||
| CVE-2006-2141 | 1 Collaborative Portal Server Project | 1 Collaborative Portal Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in popup_image in Collaborative Portal Server (CPS) 3.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the pos argument. | ||||
| CVE-2006-2142 | 1 Limbo Cms | 1 Limbo Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter. | ||||
| CVE-2006-3034 | 1 Myscrapbook | 1 Myscrapbook | 2026-04-16 | N/A |
| MyScrapbook 3.1 allows remote attackers to obtain sensitive information via a direct request to files in the txt-db-api directory such as txt-db-api/sql.php, which reveals the path in an error message. | ||||
| CVE-2002-1199 | 3 Caldera, Sco, Sun | 4 Openlinux, Openserver, Solaris and 1 more | 2026-04-16 | N/A |
| The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. | ||||
| CVE-2006-3043 | 1 Cfxe-cms | 1 Cfxe-cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter. | ||||
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2026-04-16 | N/A |
| BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | ||||
| CVE-2002-1252 | 1 Peoplesoft | 1 Peopletools | 2026-04-16 | N/A |
| The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler. | ||||
| CVE-2002-1296 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. | ||||
| CVE-2006-3078 | 1 Apboard | 1 Apboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID parameter in board.php and (2) viewcatmod parameter in main.php. | ||||
| CVE-2002-1528 | 1 Mondosoft | 1 Mondosearch | 2026-04-16 | N/A |
| MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter. | ||||
| CVE-2006-3176 | 1 Xaran | 1 Xaran Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-3179 | 1 Swsoft | 1 Confixx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter. | ||||
| CVE-2006-3180 | 1 Swsoft | 1 Confixx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter. | ||||
| CVE-2002-1549 | 1 Light Httpd | 1 Light Httpd | 2026-04-16 | N/A |
| Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2003-0002 | 1 Microsoft | 1 Content Management Server | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. | ||||