Search Results (366714 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2963 1 It-direkt 1 Cabacos Web Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlier allows remote attackers to inject arbitrary web script or HTML via the suchtext parameter.
CVE-2006-2970 1 L0j1k 1 Tinymuw 2026-04-16 N/A
videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message.
CVE-2006-2971 1 Overkill 1 Overkill 2026-04-16 N/A
Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long length value to the crc32 function.
CVE-2006-2972 1 Arantius 1 Vice Stats 2026-04-16 N/A
SQL injection vulnerability in vs_resource.php in Arantius Vice Stats 0.5b and 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2006-2973 1 Php Lite 1 Calendar Express 2026-04-16 N/A
Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid and (2) cid parameter. NOTE: this might be a duplicate of CVE-2005-4009.c.
CVE-2006-2975 1 Pbl Guestbook 1 Pbl Guestbook 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information.
CVE-2006-2980 1 Viart Ltd 1 Viart Shop Free 2026-04-16 N/A
SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter.
CVE-2006-2981 1 Arantius 1 Vice Stats 2026-04-16 N/A
SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972.
CVE-2000-0264 1 Panda 1 Panda Security 2026-04-16 N/A
Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.
CVE-2004-2379 1 Calacode 1 At Mail Webmail System 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via (1) the Displayed Name attribute in util.pl and (2) the Folder attribute in showmail.pl.
CVE-2005-2012 1 Php Arena 1 Pafaq 2026-04-16 N/A
Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) id parameters.
CVE-2006-3299 1 Metalheadws 1 Usenet 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Usenet Script 0.5 allows remote attackers to inject arbitrary web script or HTML via the group parameter.
CVE-1999-0209 1 Sun 1 Sunos 2026-04-16 N/A
The SunView (SunTools) selection_svc facility allows remote users to read files.
CVE-1999-0219 1 Cat Soft 1 Serv-u 2026-04-16 N/A
Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.
CVE-1999-0232 1 Ncsa Httpd Project 1 Ncsa Httpd 2026-04-16 N/A
Buffer overflow in NCSA WebServer (version 1.5c) gives remote access.
CVE-1999-0240 2026-04-16 N/A
Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy.
CVE-1999-0250 1 Dan Bernstein 1 Qmail 2026-04-16 N/A
Denial of service in Qmail through long SMTP commands.
CVE-1999-0253 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
CVE-1999-0280 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
CVE-1999-0439 2 Caldera, Procmail 2 Openlinux, Procmail 2026-04-16 N/A
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.