Export limit exceeded: 351407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1495 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. | ||||
| CVE-2006-3480 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules. | ||||
| CVE-1999-0840 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. | ||||
| CVE-1999-0841 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. | ||||
| CVE-2006-3137 | 1 Cutting Edge Computing | 1 Edge Ecommerce Shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in productDetail.asp in Edge eCommerce Shop allows remote attackers to inject arbitrary web script or HTML via the cart_id parameter. | ||||
| CVE-2006-3479 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a del_block op on the block page in index.php. | ||||
| CVE-2006-3478 | 1 Myphp Cms | 1 Myphp Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter. | ||||
| CVE-2006-3141 | 1 Dpivision | 1 Tradingeye Shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter. | ||||
| CVE-1999-0842 | 1 Symantec | 1 Mail-gear | 2026-04-16 | N/A |
| Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-3477 | 1 Stalker | 1 Communigate | 2026-04-16 | N/A |
| Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox. | ||||
| CVE-2006-3147 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords via unspecified vectors. NOTE: due to the lack of precise details, it is not clear whether this is related to a previously disclosed issue such as CVE-2005-1788. | ||||
| CVE-2006-3476 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | ||||
| CVE-1999-0848 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2026-04-16 | N/A |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. | ||||
| CVE-2006-3149 | 1 Phpmyforum | 1 Phpmyforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | ||||
| CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2026-04-16 | N/A |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | ||||
| CVE-1999-0935 | 2026-04-16 | N/A | ||
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. | ||||
| CVE-2006-3307 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Project EROS bbsengine before bbsengine-20060429-1550-jam allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters in the php/comment.php and (2) the getpartialmatches method in php/aolbonics.php. | ||||
| CVE-1999-0913 | 1 Network Security Wizards | 1 Dragon-fire Ids | 2026-04-16 | N/A |
| dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters. | ||||
| CVE-2006-3308 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2026-04-16 | N/A |
| Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS). | ||||
| CVE-1999-0914 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. | ||||