Export limit exceeded: 344911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2344 | 1 Ensim | 1 Webppliance | 2026-04-16 | N/A |
| Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. | ||||
| CVE-2002-2345 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. | ||||
| CVE-2002-2346 | 1 Phpbb | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | ||||
| CVE-2002-2347 | 1 Oracle | 1 Application Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field. | ||||
| CVE-2002-2348 | 1 Authoria | 1 Authoria | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. | ||||
| CVE-2002-2349 | 1 Phpbb | 1 Phpbbmod | 2026-04-16 | N/A |
| phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information. | ||||
| CVE-2005-2554 | 1 Network Associates | 1 Epolicy Orchestrator Agent | 2026-04-16 | N/A |
| The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory. | ||||
| CVE-2005-3480 | 1 Ringtail | 1 Casebook | 2026-04-16 | N/A |
| login.asp in Ringtail CaseBook 6.1.0 displays different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | ||||
| CVE-2005-3721 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2026-04-16 | N/A |
| The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration. | ||||
| CVE-2005-3951 | 1 Php Labs | 1 Survey Wizard | 2026-04-16 | N/A |
| SQL injection vulnerability in survey.php in PHP Labs Survey Wizard allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2002-2350 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter. | ||||
| CVE-2005-2556 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956. | ||||
| CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2026-04-16 | N/A |
| tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | ||||
| CVE-2005-2557 | 3 Debian, Gentoo, Mantis | 3 Debian Linux, Linux, Mantis | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. | ||||
| CVE-2002-2362 | 1 Sourceforge | 1 Mymarket | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. | ||||
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2026-04-16 | N/A |
| Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | ||||
| CVE-2005-2558 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2026-04-16 | N/A |
| Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. | ||||
| CVE-2002-2375 | 1 Stalker | 1 Communigate Pro | 2026-04-16 | N/A |
| Directory traversal vulnerability in CommuniGate Pro 4.0b4 and possibly earlier versions allows remote attackers to list the contents of the WebUser directory and its parent directory via a (1) .. (dot dot) or (2) . (dot) in a URL. NOTE: it is not clear whether this issue reveals any more information regarding directory structure than is already available to any CommuniGate Pro user, although there is a possibility that it could be used to infer product version information. | ||||
| CVE-2002-2376 | 1 Leung | 1 E-guest | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue might overlap CVE-2005-1605. | ||||
| CVE-2002-2378 | 1 Nakata | 1 An Httpd | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error page. | ||||