Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0169 1 Myphpim 1 Myphpim 2026-04-16 N/A
addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory.
CVE-2006-0178 1 Cray 1 Unicos 2026-04-16 N/A
Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
CVE-2006-0180 1 Calogic 1 Calogic Calendars 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the "Adding New Event" page, and possibly other vectors, involving iframe tags.
CVE-2006-0224 1 Libast 1 Libast 2026-04-16 N/A
Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name).
CVE-2000-0682 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet.
CVE-2000-0683 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.
CVE-2003-0394 1 Blnews 1 Blnews 2026-04-16 N/A
objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site.
CVE-2000-0685 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file.
CVE-2006-0227 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors.
CVE-2003-0397 1 Sharman Networks 1 Kazaa 2026-04-16 N/A
Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list of supernodes, aka "Packet 0' death."
CVE-2000-0691 1 Gert Doering 1 Mgetty 2026-04-16 N/A
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.
CVE-2003-0398 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed.
CVE-2003-1146 1 John Beatty 1 Easy Php Photo Album 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
CVE-2000-0694 1 Tech-source 1 Raptor Gfx Pgx32 2026-04-16 N/A
pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.
CVE-2003-0401 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template.
CVE-2003-1254 1 Active Php Bookmarks 1 Active Php Bookmarks 2026-04-16 N/A
Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code.
CVE-2000-0698 1 Minicom 1 Minicom 2026-04-16 N/A
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack.
CVE-2003-1259 1 Globalscape 1 Cuteftp 2026-04-16 N/A
Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
CVE-2003-0403 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license information, and cause a denial of service (service halt) by directly accessing the /vgn/license template.
CVE-2000-0705 1 Luca Deri 1 Ntop 2026-04-16 N/A
ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.