Export limit exceeded: 344892 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344892 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1751 | 1 Cgiscript.net | 1 Cslivesupport | 2026-04-16 | N/A |
| csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | ||||
| CVE-2005-1285 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter. | ||||
| CVE-2005-3429 | 1 Rockliffe | 1 Mailsite Express | 2026-04-16 | N/A |
| Rockliffe MailSite Express before 6.1.22, with the option to save login information enabled, saves user passwords in plaintext in cookies, which allows local users to obtain passwords by reading the cookie file, or remote attackers to obtain the cookies via cross-site scripting (XSS) vulnerabilities. | ||||
| CVE-2002-1752 | 1 Cgiscript | 1 Cschat-r-box | 2026-04-16 | N/A |
| csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | ||||
| CVE-2002-1753 | 1 Cgiscript | 1 Csnews Professional | 2026-04-16 | N/A |
| csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function. | ||||
| CVE-2005-1286 | 1 Softwin | 1 Bitdefender Antivirus | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process. | ||||
| CVE-2002-1754 | 1 Novell | 1 Netware Client | 2026-04-16 | N/A |
| Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. | ||||
| CVE-2002-1755 | 1 Tinc | 1 Tinc | 2026-04-16 | N/A |
| tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC. | ||||
| CVE-2005-3824 | 1 Vtiger | 1 Vtiger Crm | 2026-04-16 | N/A |
| The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action. | ||||
| CVE-2002-1756 | 1 Acd Systems | 1 Acdsee | 2026-04-16 | N/A |
| ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long file description field, which is not properly handled when the file properties of the file are viewed. | ||||
| CVE-2002-1757 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATH_INFO portion of the $PHP_SELF variable, as demonstrated using "mail_send.php/sms". | ||||
| CVE-2002-1758 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scripts that do not verify if the user is logged in. | ||||
| CVE-2002-1759 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files. | ||||
| CVE-2002-1760 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execute arbitrary SQL commands via the unknown attack vectors. | ||||
| CVE-2005-1287 | 1 Bk Dev | 1 Bk Forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp. | ||||
| CVE-2005-3435 | 1 Archilles | 1 Newsworld | 2026-04-16 | 9.8 Critical |
| admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and specifying the hash in the pwd argument. | ||||
| CVE-2002-1761 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences. | ||||
| CVE-2004-0656 | 1 Pureftpd | 1 Pureftpd | 2026-04-16 | N/A |
| The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections. | ||||
| CVE-2005-1292 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp. | ||||
| CVE-2002-1762 | 1 Microsoft | 1 Baseline Security Analyzer | 2026-04-16 | N/A |
| Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:\Documents and Settings\username\SecurityScans in plaintext, which could allow remote attackers to obtain sensitive information about the system via malicious active content such as ActiveX controls or Java. | ||||