Export limit exceeded: 366876 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366876 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2741 | 1 Horde | 1 Application Framework | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters. | ||||
| CVE-2000-1223 | 1 I-soft | 1 Quikstore | 2026-04-16 | N/A |
| quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request. | ||||
| CVE-1999-0935 | 2026-04-16 | N/A | ||
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | ||||
| CVE-2000-1224 | 1 Caucho Technology | 1 Resin | 2026-04-16 | N/A |
| Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others. | ||||
| CVE-2000-1225 | 1 Imatix | 1 Xitami | 2026-04-16 | N/A |
| Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program. | ||||
| CVE-2000-1226 | 1 Snort | 1 Snort | 2026-04-16 | N/A |
| Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan. | ||||
| CVE-2000-1228 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables. | ||||
| CVE-2000-1227 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. | ||||
| CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-1999-0939 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Denial of service in Debian IRC Epic/epic4 client via a long string. | ||||
| CVE-2000-1231 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string. | ||||
| CVE-2000-1232 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method. | ||||
| CVE-2000-1233 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter. | ||||
| CVE-2000-1235 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files. | ||||
| CVE-2000-1236 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | ||||
| CVE-2000-1237 | 1 Floosietek | 1 Ftgate | 2026-04-16 | N/A |
| The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing. | ||||
| CVE-2000-1234 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. | ||||
| CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2026-04-16 | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | ||||
| CVE-1999-0941 | 1 Mutt | 1 Mutt | 2026-04-16 | N/A |
| Mutt mail client allows a remote attacker to execute commands via shell metacharacters. | ||||
| CVE-2000-1241 | 1 Sips | 1 Sips | 2026-04-16 | N/A |
| Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault." | ||||