Export limit exceeded: 362729 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362729 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362729 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362729 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1262 1 Aspportal 1 Aspportal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors.
CVE-2006-1263 1 Wordpress 1 Wordpress 2026-04-16 N/A
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2000-0945 1 Cisco 1 Catalyst 3500 Xl 2026-04-16 N/A
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
CVE-2002-0492 1 Dcscripts 1 Dcshop 2026-04-16 N/A
dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter.
CVE-2006-1267 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
Invision Power Board 2.1.4 allows remote attackers to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
CVE-2006-1270 1 Inprotect 1 Inprotect 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in zones.php in Inprotect 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Description field. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-1271 1 Oxynews 1 Oxynews 2026-04-16 N/A
SQL injection vulnerability in index.php in OxyNews allows remote attackers to execute arbitrary SQL commands via the oxynews_comment_id parameter.
CVE-2006-1276 1 Himpfen Consulting 1 Php Simplenews 2026-04-16 N/A
admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie.
CVE-2006-1277 1 Upoint 1 At1 File Store 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in signup.php in @1 File Store 2006.03.07 allows remote attackers to inject arbitrary web script or HTML via the (1) real_name, (2) email, and (3) login parameters.
CVE-2006-1279 1 Sherzod Ruzmetov 1 Cgi Session 2026-04-16 N/A
CGI::Session 4.03-1 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by (1) Driver::File, (2) Driver::db_file, and possibly (3) Driver::sqlite.
CVE-2000-0946 1 Compaq 1 Easy Access Keyboard Software 2026-04-16 N/A
Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without authorization.
CVE-2000-0955 1 Cisco 1 Virtual Central Office 4000 2026-04-16 N/A
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
CVE-2006-1301 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
CVE-2006-1302 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
CVE-2006-1021 1 Pehepe 2 Membership Management System, Uyelik Sistemi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to inject arbitrary web script or HTML via the kuladi parameter ($kul_adi variable).
CVE-2006-1022 1 Pehepe 1 Membership Management System 2026-04-16 N/A
PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to include and execute arbitrary PHP code via a URL in the uye_klasor parameter, along with a misafir[] parameter that is set to UYE_SEVIYE.
CVE-2006-1023 1 Hp 1 System Management Homepage 2026-04-16 N/A
Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors.
CVE-2006-1024 1 Addsoft 1 Storebot 2026-04-16 N/A
SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 Professional allows remote attackers to execute arbitrary SQL commands via the Pwd parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1025 1 Addsoft 1 Storebot 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1026 1 Jfacets 1 Jfacets 2026-04-16 N/A
JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.