Export limit exceeded: 345168 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345168 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1412 | 1 Gonicus | 1 Gonicus System Administration | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php. | ||||
| CVE-2006-3326 | 1 Joesph Leung | 1 Quickzip | 2026-04-16 | N/A |
| Directory traversal vulnerability in QuickZip 3.06.3 allows remote user-assisted attackers to overwrite arbitrary files or directories via .. (dot dot) sequences in filenames within (1) TAR,(2) GZ, and (3) JAR archives. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-0361 | 2026-04-16 | N/A | ||
| NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. | ||||
| CVE-2003-0196 | 6 Compaq, Hp, Redhat and 3 more | 9 Tru64, Cifs-9000 Server, Hp-ux and 6 more | 2026-04-16 | N/A |
| Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. | ||||
| CVE-1999-0362 | 1 Ipswitch | 1 Ws Ftp Server | 2026-04-16 | N/A |
| WS_FTP server remote denial of service through cwd command. | ||||
| CVE-1999-0363 | 2 Plp, Suse | 2 Line Printer Control, Suse Linux | 2026-04-16 | N/A |
| SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. | ||||
| CVE-1999-0364 | 2 Fms Inc., Microsoft | 2 Total Vb Sourcebook, Access | 2026-04-16 | N/A |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. | ||||
| CVE-1999-0365 | 1 Metainfo | 2 Metaip, Sendmail | 2026-04-16 | N/A |
| The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. | ||||
| CVE-1999-0366 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | ||||
| CVE-2006-3327 | 1 E-cbd.biz | 1 Custom Dating Biz Dating Script | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Custom dating biz dating script 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) sn20_special_cases parameter ("Special Cases" field) in profile/mini.php, (2) tyxx01_album_name parameter ("Album Name" field) in profile/photo_create.php, and the (3) u parameter in admin/user_view.php. | ||||
| CVE-1999-0367 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| NetBSD netstat command allows local users to access kernel memory. | ||||
| CVE-1999-0369 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. | ||||
| CVE-1999-0371 | 1 University Of Kansas | 1 Lynx | 2026-04-16 | N/A |
| Lynx allows a local user to overwrite sensitive files through /tmp symlinks. | ||||
| CVE-2006-3328 | 1 Starflow Software | 1 Hostflow | 2026-04-16 | N/A |
| new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication credentials via an IMG tag in the desc parameter ("Ticket Description" field) that points to a URL that captures referer URLs, possibly due to a cross-site scripting (XSS) vulnerability or a leak of credentials in referer URLs. | ||||
| CVE-2006-3329 | 1 Deltascripts | 1 Php Classifieds | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter. | ||||
| CVE-2006-3330 | 1 Deltascripts | 1 Php Classifieds | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php. | ||||
| CVE-2006-3331 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks. | ||||
| CVE-2006-3332 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to execute arbitrary SQL commands via the (1) offset, (2) tid, (3) fromid, (4) sortby, (5) fromfrommethod, and (6) fromfromlist parameters. | ||||
| CVE-1999-0372 | 1 Microsoft | 3 Backoffice, Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. | ||||
| CVE-2006-3333 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection. | ||||