Export limit exceeded: 366657 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366657 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2975 | 1 Pbl Guestbook | 1 Pbl Guestbook | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information. | ||||
| CVE-2006-2980 | 1 Viart Ltd | 1 Viart Shop Free | 2026-04-16 | N/A |
| SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter. | ||||
| CVE-2006-2981 | 1 Arantius | 1 Vice Stats | 2026-04-16 | N/A |
| SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972. | ||||
| CVE-2000-0264 | 1 Panda | 1 Panda Security | 2026-04-16 | N/A |
| Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. | ||||
| CVE-2004-2379 | 1 Calacode | 1 At Mail Webmail System | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via (1) the Displayed Name attribute in util.pl and (2) the Folder attribute in showmail.pl. | ||||
| CVE-2005-2012 | 1 Php Arena | 1 Pafaq | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) id parameters. | ||||
| CVE-2006-3299 | 1 Metalheadws | 1 Usenet | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Usenet Script 0.5 allows remote attackers to inject arbitrary web script or HTML via the group parameter. | ||||
| CVE-1999-0209 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| The SunView (SunTools) selection_svc facility allows remote users to read files. | ||||
| CVE-1999-0219 | 1 Cat Soft | 1 Serv-u | 2026-04-16 | N/A |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. | ||||
| CVE-1999-0232 | 1 Ncsa Httpd Project | 1 Ncsa Httpd | 2026-04-16 | N/A |
| Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. | ||||
| CVE-1999-0240 | 2026-04-16 | N/A | ||
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. | ||||
| CVE-1999-0250 | 1 Dan Bernstein | 1 Qmail | 2026-04-16 | N/A |
| Denial of service in Qmail through long SMTP commands. | ||||
| CVE-1999-0253 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-16 | N/A |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. | ||||
| CVE-1999-0280 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. | ||||
| CVE-1999-0439 | 2 Caldera, Procmail | 2 Openlinux, Procmail | 2026-04-16 | N/A |
| Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. | ||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2026-04-16 | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | ||||
| CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | ||||
| CVE-1999-0461 | 2 Linux, Sgi | 2 Linux Kernel, Irix | 2026-04-16 | N/A |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. | ||||
| CVE-1999-0470 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | ||||
| CVE-1999-0471 | 1 Winroute | 1 Winroute | 2026-04-16 | N/A |
| The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button. | ||||