Export limit exceeded: 46941 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361450 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1420 | 1 Raysoft | 1 Video Cam Server | 2026-04-16 | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). | ||||
| CVE-2006-4161 | 1 Xennobb | 1 Xennobb | 2026-04-16 | N/A |
| Directory traversal vulnerability in the avatar_gallery action in profile.php in XennoBB 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the category parameter. | ||||
| CVE-2006-4162 | 1 Cpg-nuke | 1 Dragonfly Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Dragonfly CMS 9.0.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search field. | ||||
| CVE-2005-1421 | 1 Raysoft | 1 Video Cam Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request. | ||||
| CVE-2006-1071 | 1 Dvguestbook | 1 Dvguestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in DVguestbook 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2006-1072 | 1 Simplog | 1 Simplog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Daverave Simplog 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog post. | ||||
| CVE-2006-4163 | 1 Mywebland | 1 Minibloggie | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fname parameter. NOTE: another researcher was unable to find a way to execute code after including it via a URL. CVE analysis as of 20060816 was inconclusive | ||||
| CVE-2005-1422 | 1 Raysoft | 1 Video Cam Server | 2026-04-16 | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. | ||||
| CVE-2006-4164 | 1 Phpprintanalyzer | 1 Phpprintanalyzer | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/header.inc.php in phpPrintAnalyzer 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ficStyle parameter. | ||||
| CVE-2005-1423 | 1 Software602 | 1 602lan Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter. | ||||
| CVE-2006-1073 | 1 Simplog | 1 Simplog | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the (1) act and (2) blogid parameters. | ||||
| CVE-2006-1074 | 1 Jason Boettcher | 1 Liero Xtreme | 2026-04-16 | N/A |
| Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers to cause a denial of service (application crash or hang) via a long argument to the connect command. | ||||
| CVE-2006-4165 | 1 Netcommons | 1 Netcommons | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in NetCommons 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2005-1424 | 1 Stumbleinside | 1 Gotext | 2026-04-16 | N/A |
| StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | ||||
| CVE-2006-1075 | 1 Jason Boettcher | 1 Liero Xtreme | 2026-04-16 | N/A |
| Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapname in a level (aka .lxl) file. | ||||
| CVE-2006-4166 | 1 Tinywebgallery | 1 Tinywebgallery | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in TinyWebGallery 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the image parameter to (1) image.php or (2) image.php2. | ||||
| CVE-2005-1427 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb. | ||||
| CVE-2006-1076 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter. | ||||
| CVE-2005-1428 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| edit_image.asp in Uapplication Uphotogallery allows remote attackers to upload arbitrary files. | ||||
| CVE-2006-1077 | 1 Evo-dev | 1 Evoblog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters. | ||||