Export limit exceeded: 19539 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0837 | 1 Icecast | 1 Icecast | 2026-04-16 | N/A |
| IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files via a request for a .xsl file with a trailing . (dot). | ||||
| CVE-2006-0662 | 1 Ibm | 1 Lotus Domino Inotes Client | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Lotus Domino iNotes Client 6.5.4 allows remote attackers to inject arbitrary web script or HTML via email with attached html files, which are directly rendered in the browser. | ||||
| CVE-2006-3817 | 1 Novell | 1 Groupwise Webaccess | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence. | ||||
| CVE-2005-0838 | 1 Icecast | 1 Icecast | 2026-04-16 | N/A |
| Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of tag. | ||||
| CVE-2006-3848 | 1 Krischan Jodies | 1 Ip Calculator | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calculator (IPCalc) 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI (REQUEST_URI environment variable), which is used in the actionurl variable. | ||||
| CVE-2005-0882 | 1 Birdblog | 1 Birdblog | 2026-04-16 | N/A |
| SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters. | ||||
| CVE-2006-3849 | 1 Pumpkin Studios | 2 Warzone, Warzone Resurrection | 2026-04-16 | N/A |
| Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection 2.0.3 and earlier allows remote attackers to execute arbitrary code via a (1) long message handled by the recvTextMessage function in multiplay.c or a (2) long filename handled by NETrecvFile function in netplay/netplay.c. | ||||
| CVE-2005-0883 | 1 Digitalhive | 1 Digitalhive | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the mt parameter to the membres.php page or (2) the -afs-1- query string to the msg.php page. | ||||
| CVE-2006-0698 | 1 Zen Cart | 1 Zen Cart | 2026-04-16 | N/A |
| Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote attackers to cause unknown impact via unspecified vectors related to "other attempted exploits" other than SQL injection. | ||||
| CVE-2006-3850 | 1 Lussumo | 1 Vanilla | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/old_settings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been disputed by a third party who states that the RootDirectory parameter is initialized before being used, for version 1.0. CVE analysis concurs with the dispute, but it is unclear whether older versions are affected | ||||
| CVE-2005-0884 | 1 Digitalhive | 1 Digitalhive | 2026-04-16 | N/A |
| DigitalHive 2.0 allows remote attackers to re-install the product by directly accessing the install script. | ||||
| CVE-2006-0699 | 1 David Barrett | 1 Qwikiwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2005-0885 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields. | ||||
| CVE-2006-3851 | 1 X7 Group | 1 X7 Chat | 2026-04-16 | N/A |
| SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter. | ||||
| CVE-2005-0886 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request. | ||||
| CVE-2006-0701 | 1 Imagevue | 1 Imagevue | 2026-04-16 | N/A |
| readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters. | ||||
| CVE-2005-0889 | 1 Dream4 | 1 Koobi Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | ||||
| CVE-2006-0702 | 1 Imagevue | 1 Imagevue | 2026-04-16 | N/A |
| admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to directory traversal. | ||||
| CVE-2006-3852 | 1 Phptoys | 1 Micro Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote attackers to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields. | ||||
| CVE-2005-0898 | 1 Magicscripts | 1 E-store Kit-2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in downloadform.php in E-Store Kit-2 PayPal Edition allows remote attackers to inject arbitrary web script or HTML via the txn_id parameter. | ||||