Export limit exceeded: 362458 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 47043 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2166 1 E-zone Media Inc. 1 Fusetalk 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and web script.
CVE-2002-2167 1 Thorsten Korner 1 123tkshop 2026-04-16 N/A
Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null character in the $designNo variable, which is part of an "include" function call.
CVE-2000-0880 1 Plus Technologies 1 Lpplus 2026-04-16 N/A
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.
CVE-2002-0418 1 Endymion 1 Sake Mail 2026-04-16 N/A
Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the param_name parameter.
CVE-2001-0801 1 Sgi 1 Irix 2026-04-16 N/A
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.
CVE-2000-0900 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
CVE-2001-0804 1 Valerie Mates 1 Interactive Story 2026-04-16 N/A
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.
CVE-2000-0902 1 Nathan Purciful 1 Phpphotoalbum 2026-04-16 N/A
getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2001-0806 1 Apple 1 Mac Os X 2026-04-16 N/A
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.
CVE-2001-0807 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file.
CVE-2001-0808 1 Yngve Svendsen 1 Gnatsweb 2026-04-16 N/A
gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.
CVE-2000-0885 1 Microsoft 3 Systems Management Server, Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.
CVE-2000-0919 1 Phpix 1 Phpix 2026-04-16 N/A
Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2006-2846 1 Visiongate 1 Visiongate Portal System 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Portal System allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2000-0897 1 Max Feoktistov 1 Small Http Server 2026-04-16 N/A
Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.
CVE-2000-0928 1 Wquinn 1 Diskadvisor 2026-04-16 N/A
WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.
CVE-2000-0921 1 Hassan Consulting 1 Shopping Cart 2026-04-16 N/A
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
CVE-2000-0925 1 Smartwin Technology 1 Cyberoffice Shopping Cart 2026-04-16 N/A
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.
CVE-2000-0927 1 Wquinn 1 Quotaadvisor 2026-04-16 N/A
WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they are stored in alternative data streams, which allows users to bypass quota restrictions.
CVE-2002-0423 1 Efingerd 1 Efingerd 2026-04-16 N/A
Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup.