Export limit exceeded: 345219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345219 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1240 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php. | ||||
| CVE-2003-1241 | 1 Levcgi.com | 1 Myguestbook | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. | ||||
| CVE-2004-0452 | 2 Larry Wall, Redhat | 2 Perl, Enterprise Linux | 2026-04-16 | N/A |
| Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack. | ||||
| CVE-2003-1242 | 1 Sage | 1 Sage | 2026-04-16 | N/A |
| Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. | ||||
| CVE-2004-0454 | 1 Rlpr | 1 Rlpr | 2026-04-16 | N/A |
| Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code. | ||||
| CVE-2003-1243 | 1 Sage | 1 Sage | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. | ||||
| CVE-2003-1244 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | ||||
| CVE-2003-1245 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. | ||||
| CVE-2003-1246 | 1 Pedestal Software | 1 Integrity Protection Driver | 2026-04-16 | N/A |
| NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. | ||||
| CVE-2003-1248 | 1 Positive Software | 1 H-sphere | 2026-04-16 | N/A |
| H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | ||||
| CVE-2004-0455 | 2 Debian, Www-sql Project | 2 Debian Linux, Www-sql | 2026-04-16 | N/A |
| Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | ||||
| CVE-2003-1250 | 1 Efficient Networks | 1 5861 Dsl Router | 2026-04-16 | N/A |
| Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | ||||
| CVE-2003-1252 | 1 Kelli Shaver | 1 S8forum | 2026-04-16 | N/A |
| register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username. | ||||
| CVE-2003-1253 | 1 Sangwan Kim | 1 Bookmark4u | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php. | ||||
| CVE-2003-1254 | 1 Active Php Bookmarks | 1 Active Php Bookmarks | 2026-04-16 | N/A |
| Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2003-1255 | 1 Active Php Bookmarks | 1 Active Php Bookmarks | 2026-04-16 | N/A |
| add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter. | ||||
| CVE-2003-1256 | 1 E-theni | 1 E-theni | 2026-04-16 | N/A |
| aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | ||||
| CVE-2003-1257 | 1 E-theni | 1 E-theni | 2026-04-16 | N/A |
| find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo. | ||||
| CVE-2003-1258 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid. | ||||
| CVE-2003-1259 | 1 Globalscape | 1 Cuteftp | 2026-04-16 | N/A |
| Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | ||||