Export limit exceeded: 349988 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29916 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3506 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field. | ||||
| CVE-2006-4940 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail addresses and Moodle account names) via a find action. | ||||
| CVE-1999-0200 | 2026-04-16 | N/A | ||
| Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. | ||||
| CVE-2005-3507 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary files, execute code, and gain privileges via "../" sequences in the template parameter to (1) show_archives.php and (2) show_news.php. | ||||
| CVE-2006-4941 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php. | ||||
| CVE-1999-0209 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| The SunView (SunTools) selection_svc facility allows remote users to read files. | ||||
| CVE-2005-3508 | 1 Galerie | 1 Galerie | 2026-04-16 | N/A |
| SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to execute arbitrary SQL commands via the galid parameter. | ||||
| CVE-2006-4942 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to write LaTeX or MimeTeX output files to the top level of the dataroot directory via (a) filter/algebra/pix.php or (b) filter/tex/pix.php. | ||||
| CVE-1999-0219 | 1 Cat Soft | 1 Serv-u | 2026-04-16 | N/A |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. | ||||
| CVE-2005-3515 | 1 Chipmunk Scripts | 1 Chipmunk Topsites | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | ||||
| CVE-2006-4943 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter. | ||||
| CVE-1999-0230 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Buffer overflow in Cisco 7xx routers through the telnet service. | ||||
| CVE-2005-3516 | 1 Chipmunk Scripts | 1 Chipmunk Directory | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote attackers to inject arbitrary web script or HTML via the entryID parameter. | ||||
| CVE-1999-0240 | 2026-04-16 | N/A | ||
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. | ||||
| CVE-1999-0250 | 1 Dan Bernstein | 1 Qmail | 2026-04-16 | N/A |
| Denial of service in Qmail through long SMTP commands. | ||||
| CVE-2005-3517 | 1 Chipmunk Scripts | 1 Chipmunk Guestbook | 2026-04-16 | N/A |
| Chipmunk Scripts Guestbook allows remote attackers to obtain the installation path of the script via a URL that causes an error message to be displayed, such as a URL that contains a single quote (') in the start parameter of index.php. | ||||
| CVE-2006-4946 | 1 Cmsdevelopment | 1 Business Card Web Builder | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder (BCWB) 0.99, and possibly 2.5 Beta and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | ||||
| CVE-2005-3519 | 1 Mysource | 1 Mysource | 2026-04-16 | N/A |
| Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow remote attackers to execute arbitrary PHP code and include arbitrary local files via the (1) INCLUDE_PATH and (2) SQUIZLIB_PATH parameters in new_upgrade_functions.php, (3) the INCLUDE_PATH parameter in init_mysource.php, and the PEAR_PATH parameter in (4) Socket.php, (5) Request.php, (6) Mail.php, (7) Date.php, (8) Span.php, (9) mimeDecode.php, and (10) mime.php. | ||||
| CVE-2006-4947 | 1 Drupal | 1 Search Keyword Module | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keywords module before 1.15 2006/09/15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "lack of validation on output." | ||||
| CVE-1999-0260 | 1 Renaud Deraison | 1 Jj | 2026-04-16 | N/A |
| The jj CGI program allows command execution via shell metacharacters. | ||||