Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0022 1 Leif M. Wright 1 Simplestguest.cgi 2026-04-16 N/A
simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter.
CVE-2001-0023 1 Leif M. Wright 1 Everythingform.cgi 2026-04-16 N/A
everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
CVE-2001-0024 1 Leif M. Wright 1 Simplestmail.cgi 2026-04-16 N/A
simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter.
CVE-2003-0053 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.
CVE-2001-0025 1 Leif M. Wright 1 Ad.cgi 2026-04-16 N/A
ad.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.
CVE-2001-0026 1 Roaring Penguin 1 Pppoe 2026-04-16 N/A
rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.
CVE-2001-0027 1 Proftpd Project 1 Proftpd 2026-04-16 N/A
mod_sqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users.
CVE-2003-0054 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2026-04-16 N/A
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.
CVE-2004-0730 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PhpBB 2.0.8 allow remote attackers to inject arbitrary web script or HTML via (1) the cat_title parameter in index.php, (2) the faq[0][0] parameter in lang_faq.php as accessible from faq.php, or (3) the faq[0][0] parameter in lang_bbcode.php as accessible from faq.php.
CVE-2001-0028 1 Igor Khasilev 1 Oops Proxy Server 2026-04-16 N/A
Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.
CVE-2003-0055 1 Apple 1 Quicktime Darwin Mp3 Broadcaster 2026-04-16 N/A
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename.
CVE-2004-0731 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field.
CVE-2004-1591 1 Micronet 1 Sp916bm 2026-04-16 N/A
The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2004 resets the password to the default password when the router is shut off, which could allow remote attackers to gain access.
CVE-2001-0029 1 Igor Khasilev 1 Oops Proxy Server 2026-04-16 N/A
Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup.
CVE-2003-0056 2 Redhat, Slocate 2 Enterprise Linux, Slocate 2026-04-16 N/A
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
CVE-2001-0030 1 Smartstuff 1 Foolproof Security 2026-04-16 N/A
FoolProof 3.9 allows local users to bypass program execution restrictions by downloading the restricted executables from another source and renaming them.
CVE-2003-0057 1 Hypermail 1 Hypermail 2026-04-16 N/A
Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname.
CVE-2004-0732 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to execute arbitrary SQL statements via the instory parameter.
CVE-2004-1592 1 Ocportal 1 Ocportal 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script.
CVE-2001-0039 1 Ipswitch 1 Imail 2026-04-16 N/A
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes.