Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4054 | 1 Ehmig | 1 Me Download System | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ME Download System 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) Vb8878b936c2bd8ae0cab parameter to (a) inc/sett_style.php or (b) inc/sett_smilies.php; or the (2) Vb6c4d0e18a204a63b38f, (3) V18a78b93c3adaaae84e2, or (4) V9ae5d2ca9e9e787969ff parameters to (c) inc/datei.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2002-1473 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2002-0825 | 2 Padl Software, Redhat | 3 Nss Ldap, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2003-0959 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments. | ||||
| CVE-2002-0832 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature. | ||||
| CVE-2003-0413 | 1 Sun | 1 One Application Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message. | ||||
| CVE-2006-4055 | 1 Tsep | 1 Tsep | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993. | ||||
| CVE-2006-4073 | 1 Phpcc | 1 Phpcc | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) login.php, (2) reactivate.php, or (3) register.php. | ||||
| CVE-2002-0950 | 1 Transware | 1 Active Mail | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered. | ||||
| CVE-2006-4075 | 1 Wim Fleischhauer | 1 Docpile We | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition (docpile:we) 0.2.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INIT_PATH parameter to (1) lib/folder.class.php, (2) lib/email.inc.php, (3) lib/document.class.php or (4) lib/auth.inc.php. | ||||
| CVE-2002-0953 | 1 Php Address | 1 Php Address | 2026-04-16 | N/A |
| globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter. | ||||
| CVE-2006-4087 | 1 Mojoscripts | 1 Mojogallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2002-0954 | 1 Cisco | 1 Pix Firewall | 2026-04-16 | N/A |
| The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | ||||
| CVE-2002-0963 | 1 Geeklog | 1 Geeklog | 2026-04-16 | N/A |
| SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter. | ||||
| CVE-2002-0964 | 1 Valve Software | 2 Half-life, Half-life Dedicated Server | 2026-04-16 | N/A |
| Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out. | ||||
| CVE-2003-0980 | 1 Freescripts | 1 Visitorbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, (3) via quote marks or ampersands in other parameters. | ||||
| CVE-2006-4102 | 1 Falko Timme And Till Brehm | 1 Sqlitewebadmin | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme and Till Brehm SQLiteWebAdmin 0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the conf[classpath] parameter. | ||||
| CVE-2002-0968 | 1 Analogx | 1 Simpleserver Www | 2026-04-16 | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name. | ||||
| CVE-2006-4113 | 1 Hitweb | 1 Hitweb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in genpage-cgi.php in Brian Fraval hitweb 4.2 and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the REP_INC parameter. | ||||
| CVE-2006-4114 | 1 Phpmyring | 1 Phpmyring | 2026-04-16 | N/A |
| SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMyRing 4.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idsite parameter. | ||||