Search Results (363700 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1049 1 Hylafax 1 Hylafax 2026-04-16 N/A
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element.
CVE-2002-1040 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVE-2002-1031 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.
CVE-2005-2089 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes IIS to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
CVE-2002-1021 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
CVE-2005-4236 1 Cartkeeper 1 Ckgold Shopping Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2002-1020 1 Adobe 1 Adobe Content Server 2026-04-16 N/A
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
CVE-2000-0288 2026-04-16 N/A
Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable.
CVE-2002-1013 1 Inktomi 3 Media-ixt, Traffic Edge, Traffic Server 2026-04-16 N/A
Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argument.
CVE-2006-0066 1 Phpjournaler 1 Phpjournaler 2026-04-16 N/A
SQL injection vulnerability in index.php in PHPjournaler 1.0 allows remote attackers to execute arbitrary SQL commands via the readold parameter.
CVE-2002-1007 1 Blackboard 1 Blackboard 2026-04-16 N/A
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.
CVE-2002-1005 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infinite loop.
CVE-2002-0995 1 Gianluca Baldo 1 Phpauction 2026-04-16 N/A
login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.
CVE-2005-4235 1 Whmcompletesolution 1 Whmcompletesolution 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2002-0988 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.
CVE-2005-2086 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.
CVE-2002-0985 3 Openpkg, Php, Redhat 6 Openpkg, Php, Enterprise Linux and 3 more 2026-04-16 N/A
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
CVE-2002-0066 2 Bindview, Funk Software 2 Netrc, Funk Software Proxy 2026-04-16 N/A
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges.
CVE-2002-0068 2 Redhat, Squid 2 Linux, Squid 2026-04-16 N/A
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
CVE-2002-0070 1 Microsoft 4 Windows 2000, Windows 98, Windows 98se and 1 more 2026-04-16 N/A
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.