Export limit exceeded: 45785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4822 | 1 Emusoft | 1 Emucms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page parameters. | ||||
| CVE-2006-4823 | 1 Reamday Enterprises | 1 Magic News Pro | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in scripts/news_page.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. | ||||
| CVE-2006-4824 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lib/activeutil.php in Quicksilver Forums (QSF) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the set[include_path] parameter. | ||||
| CVE-2006-4825 | 1 Softcomplex | 1 Php Event Calendar | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cl_files/index.php in SoftComplex PHP Event Calendar 1.5.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) ti, (2) bi, or (3) cbgi parameters. | ||||
| CVE-2006-4826 | 1 Shadowed Portal | 1 Shadowed Portal | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2006-4885 | 1 Shadowed Portal | 1 Shadowed Portal | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) footer.php and (2) header.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The bottom.php parameter is already covered by CVE-2006-4826. | ||||
| CVE-2002-1050 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data. | ||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | ||||
| CVE-2002-1052 | 1 W3c | 1 Jigsaw | 2026-04-16 | N/A |
| Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | ||||
| CVE-2002-1053 | 1 W3c | 1 Jigsaw | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message. | ||||
| CVE-2002-1054 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | ||||
| CVE-2002-1055 | 1 Brother | 1 Nc-3100h | 2026-04-16 | N/A |
| Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password. | ||||
| CVE-2002-1056 | 1 Microsoft | 2 Outlook, Word | 2026-04-16 | N/A |
| Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. | ||||
| CVE-2002-1058 | 1 Cobalt | 1 Qube | 2026-04-16 | N/A |
| Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cookie that point to an alternate session file. | ||||
| CVE-2002-1060 | 1 Bluecoat | 1 Cacheos | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page. | ||||
| CVE-2002-1068 | 1 D-link | 1 Dp-303 | 2026-04-16 | N/A |
| The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. | ||||
| CVE-2002-1069 | 1 D-link | 1 Di-804 | 2026-04-16 | N/A |
| The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information. | ||||
| CVE-2002-1070 | 1 Php-wiki | 1 Php-wiki | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter. | ||||
| CVE-2002-1071 | 1 Zyxel | 1 Prestige | 2026-04-16 | N/A |
| ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set. | ||||
| CVE-2002-1072 | 1 Zyxel | 1 Prestige | 2026-04-16 | N/A |
| ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet. | ||||