Export limit exceeded: 349890 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349890 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349890 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2792 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2006-2793 | 1 Aspsitem | 1 Aspsitem | 2026-04-16 | N/A |
| SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. | ||||
| CVE-2006-2794 | 1 Aspsitem | 1 Aspsitem | 2026-04-16 | N/A |
| Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter. | ||||
| CVE-1999-0627 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | ||||
| CVE-2006-2795 | 1 Xiti | 1 Xiti Tracking Script | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote attackers to inject arbitrary web script or HTML via (1) the xtref parameter in xiti.js and (2) an HTTP Referer header field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2796 | 1 New-place | 1 Captivate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in gallery.php in Captivate 1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter, which is reflected in an error message. | ||||
| CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2026-04-16 | N/A |
| The rwho/rwhod service is running, which exposes machine status and user information. | ||||
| CVE-1999-0638 | 2026-04-16 | N/A | ||
| The daytime service is running. | ||||
| CVE-2006-2797 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) CalendarDetailsID parameter in (a) month.php, (b) day.php, and (c) delCalendar.php; (2) ID parameter in (d) event.php; (3) AdminUserID parameter in (e) delAdmin.php; (4) EventLocationID parameter in (f) delAddress.php; and (5) LocationID parameter in (g) delCategory.php. | ||||
| CVE-1999-0650 | 2026-04-16 | N/A | ||
| The netstat service is running, which provides sensitive information to remote attackers. | ||||
| CVE-1999-0653 | 2026-04-16 | N/A | ||
| A component service related to NIS+ is running. | ||||
| CVE-2006-2798 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) event.php. | ||||
| CVE-2006-2799 | 1 Toenda Software Development | 1 Toendacms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources. | ||||
| CVE-2006-2800 | 1 Unak | 1 Unak Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u_a or (2) u_s parameters. NOTE: this might be resultant from SQL injection. | ||||
| CVE-1999-0654 | 2026-04-16 | N/A | ||
| The OS/2 or POSIX subsystem in NT is enabled. | ||||
| CVE-2006-2801 | 1 Unak | 1 Unak Cms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) u_a or (2) u_s parameters. | ||||
| CVE-1999-0656 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | ||||
| CVE-2006-2802 | 1 Xine | 2 Gxine, Xine-lib | 2026-04-16 | N/A |
| Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6. | ||||
| CVE-2006-2803 | 1 Deltascripts | 1 Php Manualmaker | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field. | ||||
| CVE-1999-0657 | 2026-04-16 | N/A | ||
| WinGate is being used. | ||||