Export limit exceeded: 345207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345207 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0346 | 1 Php | 1 Php Fi | 2026-04-16 | N/A |
| CGI PHP mlog script allows an attacker to read any file on the target server. | ||||
| CVE-2006-3300 | 1 Phpmysms | 1 Phpmysms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in sms_config/gateway.php in PhpMySms 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter. | ||||
| CVE-2006-3301 | 1 Phpqladmin | 1 Phpqladmin | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpQLAdmin 2.2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) user_add.php or (2) unit_add.php. | ||||
| CVE-2006-3302 | 1 Cbsms | 1 Mambo Module | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosC_a_path parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2006-3303 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pm.php in DeluxeBB 1.07 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) to parameters. | ||||
| CVE-2006-3304 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier allows remote attackers to execute arbitrary SQL commands via the xmsn parameter. | ||||
| CVE-2006-3305 | 1 Uebimiau | 1 Uebimiau | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UebiMiau Webmail 2.7.10, and 2.7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) f_user parameter in index.php, the (2) pag parameter in messages.php, or the (3) lid, (4) tid, and (5) sid parameters in error.php. | ||||
| CVE-1999-0347 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. | ||||
| CVE-2006-3306 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the preparestring function in lib/common.php in Project EROS bbsengine before 20060501-0142-jam, and possibly earlier versions dating back to 2006-02-23, might allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-1999-0348 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. | ||||
| CVE-2006-3309 | 1 Internet Scout Project | 1 Scout Portal Toolkit | 2026-04-16 | N/A |
| SQL injection vulnerability in SPT--ForumTopics.php in Scout Portal Toolkit (SPT) 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | ||||
| CVE-2006-3313 | 1 Netsoft | 1 Smartnet | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter. | ||||
| CVE-1999-0349 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. | ||||
| CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2026-04-16 | N/A |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | ||||
| CVE-2006-3314 | 1 Rahnemaco | 1 Rahnemaco | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibly eShop, allows remote attackers to execute arbitrary PHP code via a URL in the pageid parameter. | ||||
| CVE-1999-0351 | 1 Ftp | 1 Ftp Pasv | 2026-04-16 | N/A |
| FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. | ||||
| CVE-1999-0352 | 2026-04-16 | N/A | ||
| ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. | ||||
| CVE-1999-0769 | 4 Caldera, Debian, Paul Vixie and 1 more | 4 Openlinux, Debian Linux, Vixie Cron and 1 more | 2026-04-16 | N/A |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | ||||
| CVE-1999-1050 | 1 Matt Wright | 1 Formhandler.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template. | ||||
| CVE-1999-1077 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock. | ||||