Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3036 | 1 Andy Mack | 1 35mmslidegallery | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegallery 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) imgdir parameter in (a) index.php, and the (2) w, (3) h, and (4) t parameters in (b) popup.php. | ||||
| CVE-2004-2630 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors. | ||||
| CVE-2004-2631 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name. | ||||
| CVE-2004-2632 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables. | ||||
| CVE-2004-2633 | 1 Arjohn Kampman | 1 Sesame Rdf Container | 2026-04-16 | N/A |
| Unspecified vulnerability in Sesamie 1.0 allows remote anonymous attackers to gain access to repositories of other users via unknown vectors. | ||||
| CVE-2004-2634 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. | ||||
| CVE-2004-2635 | 1 Mcafee | 1 Security Installer Control System | 2026-04-16 | N/A |
| An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method. | ||||
| CVE-2004-2636 | 1 Rit Research Labs | 1 Tinyweb | 2026-04-16 | N/A |
| TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL. | ||||
| CVE-2004-2637 | 1 Zonet | 1 Zsr1104we Wireless Router Runtime Code | 2026-04-16 | N/A |
| The NAT implementation in Zonet ZSR1104WE Wireless Router Runtime Code Version 2.41 converts IP addresses of inbound connections to the IP address of the router, which allows remote attackers to bypass intended security restrictions. | ||||
| CVE-2006-3037 | 1 Site Trade | 1 St Admanager Lite | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, (3) article, (4) bio, and (5) name parameters. | ||||
| CVE-2004-2639 | 1 Drew Withers | 1 Journalness | 2026-04-16 | N/A |
| Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors. | ||||
| CVE-2004-2640 | 1 Ryszard Pydo | 1 Linuxstat | 2026-04-16 | N/A |
| Directory traversal vulnerability in lstat.cgi in LinuxStat before 2.3.1 allows remote attackers to read arbitrary files via (1) .. (dot dot) sequences or (2) absolute paths to the template parameter. | ||||
| CVE-2004-2641 | 1 Sun | 2 Netra 1280, Sun Fire | 2026-04-16 | N/A |
| Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Service (TOS) Bits set. | ||||
| CVE-2004-2642 | 1 Nathaniel Bray | 1 Yeemp | 2026-04-16 | N/A |
| Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender. | ||||
| CVE-2004-2643 | 1 Microsoft | 1 Cabarc | 2026-04-16 | N/A |
| Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive. | ||||
| CVE-2004-2644 | 1 Asn.1 Compiler | 1 Asn.1 Compiler | 2026-04-16 | N/A |
| Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags. | ||||
| CVE-2004-2645 | 1 Asn.1 Compiler | 1 Asn.1 Compiler | 2026-04-16 | N/A |
| Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures." | ||||
| CVE-2004-2646 | 1 Reid Garner | 1 Free Web Chat | 2026-04-16 | N/A |
| The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName variable to be null. | ||||
| CVE-2006-3038 | 1 Cescripts | 1 Realty Room Rent | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Room Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter. NOTE: the vendor notified CVE on 20060823 that "All issues concerning this script and others at cescripts.com have been addressed and fixed." | ||||
| CVE-2004-2648 | 1 Faronics | 1 Freezex | 2026-04-16 | N/A |
| FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file. | ||||