Export limit exceeded: 23281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3320 | 1 Sitebar | 1 Sitebar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter. | ||||
| CVE-2006-3321 | 1 2enetworx | 1 Openforum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp in OpenForum 1.2 Beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ofdisp and (2) ofmsgid parameters. | ||||
| CVE-2006-3322 | 1 Spiffyjr | 1 Phpraid | 2026-04-16 | N/A |
| SQL injection vulnerability in includes/functions_logging.php in phpRaid 3.0.5, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the log_hack function. | ||||
| CVE-2006-3324 | 1 Id Software | 1 Quake 3 Engine | 2026-04-16 | N/A |
| The Automatic Downloading option in the id3 Quake 3 Engine and the Icculus Quake 3 Engine (ioquake3) before revision 804 allows remote attackers to overwrite arbitrary files in the quake3 directory (fs_homepath cvar) via a long string of filenames, as contained in the neededpaks buffer. | ||||
| CVE-1999-0925 | 1 Messagemedia | 1 Unitymail | 2026-04-16 | N/A |
| UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers. | ||||
| CVE-2006-3383 | 1 Mads | 1 Mads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports. | ||||
| CVE-2006-3387 | 1 Fusionphp | 1 Fusion News | 2026-04-16 | N/A |
| Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been injected into a log file. | ||||
| CVE-2006-3389 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information. | ||||
| CVE-1999-0964 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable. | ||||
| CVE-2006-3391 | 1 Imbc | 1 Imbccontents Activex Control | 2026-04-16 | N/A |
| The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler. | ||||
| CVE-1999-0965 | 1 X.org | 1 X11 | 2026-04-16 | N/A |
| Race condition in xterm allows local users to modify arbitrary files via the logging option. | ||||
| CVE-2000-0037 | 1 Great Circle Associates | 1 Majordomo | 2026-04-16 | N/A |
| Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | ||||
| CVE-2006-3392 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2026-04-16 | N/A |
| Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before bytes such as "%01" are removed from the filename. NOTE: This is a different issue than CVE-2006-3274. | ||||
| CVE-1999-0967 | 1 Microsoft | 3 Internet Explorer, Outlook Express, Windows Explorer | 2026-04-16 | N/A |
| Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. | ||||
| CVE-1999-0975 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2026-04-16 | N/A |
| The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | ||||
| CVE-2006-3484 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) show_courses or (2) current_cat parameters to (a) admin/create_course.php, show_courses parameter to (b) users/create_course.php, (3) p parameter to (c) documentation/admin/, (4) forgot parameter to (d) password_reminder.php, (5) cat parameter to (e) users/browse.php, or the (6) submit parameter to admin/fix_content.php. | ||||
| CVE-2006-3485 | 1 Astrodog Press | 1 Some Chess | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1.5-RC2 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the gameID parameter in board.php. | ||||
| CVE-1999-0997 | 3 Millenux Gmbh, Redhat, University Of Washington | 3 Anonftp, Linux, Wu-ftpd | 2026-04-16 | N/A |
| wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress. | ||||
| CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2026-04-16 | N/A |
| Cisco Cache Engine allows an attacker to replace content in the cache. | ||||
| CVE-2006-3487 | 1 Virtuastore | 1 Virtuastore | 2026-04-16 | N/A |
| VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb. | ||||