Export limit exceeded: 346125 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346125 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1397 | 1 Php-calendar | 1 Php-calendar | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php for PHP-Calendar before 0.10.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2006-4110 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems. | ||||
| CVE-2006-3256 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| SQL injection vulnerability in report.php in Woltlab Burning Board (WBB) 2.3.1 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | ||||
| CVE-2006-3257 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php. | ||||
| CVE-2006-3258 | 1 Bnbt | 2 Easytracker, Trinedit | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.html in BNBT TrinEdit and EasyTracker 7.7r3.2004.10.27 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) filter or (2) sort parameters. | ||||
| CVE-1999-0144 | 1 Qmail Project | 1 Qmail | 2026-04-16 | N/A |
| Denial of service in Qmail by specifying a large number of recipients with the RCPT command. | ||||
| CVE-2000-0735 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2026-04-16 | N/A |
| Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message. | ||||
| CVE-2006-3259 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment). | ||||
| CVE-2006-3260 | 1 Virtual Design Studios | 1 Vlbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2000-0736 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2026-04-16 | N/A |
| Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message. | ||||
| CVE-1999-0147 | 1 University Of Arizona | 2 Glimpse Http, Webglimpse | 2026-04-16 | N/A |
| The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands. | ||||
| CVE-1999-0148 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The handler CGI program in IRIX allows arbitrary command execution. | ||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | ||||
| CVE-2006-3261 | 1 Trend Micro | 1 Control Manager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Trend Micro Control Manager (TMCM) 3.5 allows remote attackers to inject arbitrary web script or HTML via the username field on the login page, which is not properly sanitized before being displayed in the error log. | ||||
| CVE-1999-0151 | 1 Satan | 1 Satan | 2026-04-16 | N/A |
| The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access. | ||||
| CVE-2006-3262 | 1 Mambo | 1 Mambo | 2026-04-16 | N/A |
| SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | ||||
| CVE-2006-3263 | 1 Mambo | 1 Mambo | 2026-04-16 | N/A |
| SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-1999-0152 | 1 Data General | 1 Dg Ux | 2026-04-16 | N/A |
| The DG/UX finger daemon allows remote command execution through shell metacharacters. | ||||
| CVE-2006-3265 | 1 Qdig | 1 Qdig | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters. | ||||
| CVE-1999-0153 | 2 Microsoft, Sco | 4 Windows 2000, Windows 95, Windows Nt and 1 more | 2026-04-16 | N/A |
| Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | ||||