Export limit exceeded: 348912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3418 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat parameter to search.php, which are not initialized as variables. | ||||
| CVE-2002-1723 | 1 Powerboards | 1 Powerboards | 2026-04-16 | N/A |
| Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message. | ||||
| CVE-2002-1732 | 1 Actinic | 1 Actinic Catalog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl. | ||||
| CVE-2005-1283 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authenticated users to (1) read arbitrary files via the UIDL parameter to the msg script or (2) copy or move the user's .eml file to arbitrary locations via the delete script, a different vulnerability than CVE-2005-0367. | ||||
| CVE-2005-3427 | 1 Cisco | 1 Ciscoworks Management Center For Ips Sensors | 2026-04-16 | N/A |
| The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection. | ||||
| CVE-2002-1741 | 1 Alt-n | 1 Worldclient | 2026-04-16 | N/A |
| Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter. | ||||
| CVE-2005-1284 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request. | ||||
| CVE-2002-1829 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag. | ||||
| CVE-2002-1837 | 1 Ids | 1 Ids | 2026-04-16 | N/A |
| The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not. | ||||
| CVE-2005-1324 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters. | ||||
| CVE-2005-3701 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors. | ||||
| CVE-2002-1840 | 1 Irssi | 1 Irssi | 2026-04-16 | N/A |
| irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system. | ||||
| CVE-2002-1842 | 1 Perlbot | 1 Perlbot | 2026-04-16 | N/A |
| Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (1) a word that is being spell checked or (2) an e-mail address. | ||||
| CVE-2002-1843 | 1 Perlbot | 1 Perlbot | 2026-04-16 | N/A |
| Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. | ||||
| CVE-2005-1325 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-16 | N/A |
| set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the mylang parameter. | ||||
| CVE-2005-3438 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager. | ||||
| CVE-2005-1326 | 1 Voodoo Circle | 1 Voodoo Circle | 2026-04-16 | N/A |
| Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote authenticated attackers to cause a denial of service (client crash) via a crafted packet. | ||||
| CVE-2002-1845 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and 1.41 allows remote attackers to inject arbitrary web script or HTML via the password (passwrd) parameter. | ||||
| CVE-2002-1846 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a profile2 action to index.php. | ||||
| CVE-2005-1327 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter. | ||||