Export limit exceeded: 351514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29926 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2750 | 1 Open Searchable Image Catalogue | 1 Open Searchable Image Catalogue | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message. | ||||
| CVE-2006-2859 | 1 Mywebland | 1 Mybloggie | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php. NOTE: this issue has been disputed in multiple third party followups, which say that the MyBloggie source code does not demonstrate the issue, so it might be the result of another module. CVE analysis as of 20060605 agrees with the dispute. In addition, scode.php is not part of the MyBloggie distribution | ||||
| CVE-1999-0708 | 1 Infodrom | 1 Cfingerd | 2026-04-16 | N/A |
| Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. | ||||
| CVE-2006-2751 | 1 Open Searchable Image Catalogue | 1 Open Searchable Image Catalogue | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary web scripts or HTML via the item_list parameter in search.php. | ||||
| CVE-2006-2849 | 1 Andrew Godwin | 1 Bytehoard | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter. | ||||
| CVE-1999-1440 | 1 Mirabilis | 1 Icq 98a | 2026-04-16 | N/A |
| Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client. | ||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2026-04-16 | N/A |
| Buffer overflow in INN inews program. | ||||
| CVE-2006-2848 | 1 Full Revolution | 1 Aspweblinks | 2026-04-16 | N/A |
| links.asp in aspWebLinks 2.0 allows remote attackers to change the administrative password, possibly via a direct request with a modified txtAdministrativePassword field. | ||||
| CVE-1999-0704 | 3 Bsdi, Freebsd, Redhat | 3 Bsd Os, Freebsd, Linux | 2026-04-16 | N/A |
| Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. | ||||
| CVE-2006-2847 | 1 Full Revolution | 1 Aspweblinks | 2026-04-16 | N/A |
| SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote attackers to execute arbitrary SQL commands via the linkID parameter. | ||||
| CVE-1999-0703 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2026-04-16 | N/A |
| OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices. | ||||
| CVE-2006-2846 | 1 Visiongate | 1 Visiongate Portal System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Print.PHP in VisionGate Portal System allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2761 | 1 Hitachi | 1 Hitsenser3 | 2026-04-16 | N/A |
| SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITSENSER3/PUP, HITSENSER3/STP, and HITSENSER3/EUP allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-1999-0596 | 2026-04-16 | N/A | ||
| A Windows NT log file has an inappropriate maximum size or retention period. | ||||
| CVE-2006-2762 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a user_inc setting that is used in an include_once call. | ||||
| CVE-2006-2845 | 1 Redaxo | 1 Redaxo | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to image_resize/pages/index.inc.php. | ||||
| CVE-2006-2763 | 1 Pre Projects | 1 Pre News Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678. | ||||
| CVE-1999-0597 | 2026-04-16 | N/A | ||
| A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. | ||||
| CVE-2006-2844 | 1 Redaxo | 1 Redaxo | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php. | ||||
| CVE-2006-2843 | 1 Redaxo | 1 Redaxo | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Redaxo 2.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the (1) REX[INCLUDE_PATH] parameter in (a) addons/import_export/pages/index.inc.php and (b) pages/community.inc.php. | ||||