Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4967 1 Nextage 1 Nextage Shopping Cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart allow remote attackers to inject arbitrary web script or HTML via (1) the CatId parameter in a product category action in index.php or (2) the SearchWd parameter in an index search action in index.php.
CVE-2006-4968 1 Postnuke Software Foundation 1 Pnphpbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2005-3621 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.
CVE-2006-4969 1 Wahm E-commerce 1 Pie Cart Pro 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote attackers to execute arbitrary PHP code via a URL in the Inc_Dir parameter in (1) affiliates.php, (2) orders.php, (3) events.php, (4) index.php, (5) articles.php, (6) faqs.php, (7) guestbook.php, (8) catalog.php, (9) wholesale.php, (10) weblinks.php, (11) certificates.php, (12) sitesearch.php, (13) contact.php, (14) sitemap.php, (15) search.php, (16) registry.php, or (17) error.php.
CVE-2006-4970 1 Wahm E-commerce 1 Pie Cart Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in enc/content.php in WAHM E-Commerce Pie Cart Pro allows remote attackers to execute arbitrary PHP code via a URL in the Home_Path parameter.
CVE-2006-4971 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive information via a direct request for inc/plugins/hello.php, which reveals the path in an error message.
CVE-2004-1870 1 Photopost 1 Photopost Php Pro 2026-04-16 N/A
Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to gain users' passwords via the (1) photo parameter to addfav.php, (2) photo parameter to comments.php, (3) credit parameter to comments.php, (4) cat parameter to index.php, (5) ppuser parameter to showgallery.php, (6) cat parameter to showgallery.php, (7) cat parameter to uploadphoto.php, (8) albumid parameter to useralbums.php, or (9) albumid parameter to useralbums.php.
CVE-2000-0709 1 Microsoft 1 Frontpage 2026-04-16 N/A
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
CVE-2006-4972 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4.html in MyBB (aka MyBulletinBoard) allows remote attackers to inject arbitrary web script or HTML via the navbits[][name] parameter.
CVE-2004-2179 1 Microsoft 2 Frontpage, Ie 2026-04-16 N/A
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
CVE-2002-0894 1 New Atlanta Communications 1 Servletexec Isapi 2026-04-16 N/A
NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.
CVE-2006-2790 1 Sun 1 Storage Automated Diagnostic Environment 2026-04-16 N/A
A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writable permissions for certain critical files and directories, which allows local users to gain privileges.
CVE-2006-4974 1 Ipswitch 1 Ws Ftp Server 2026-04-16 N/A
Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
CVE-2006-2792 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-1999-0012 2 Microsoft, Netscape 5 Frontpage, Internet Information Server, Personal Web Server and 2 more 2026-04-16 7 High
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVE-1999-0185 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
CVE-1999-1052 1 Microsoft 1 Frontpage 2026-04-16 N/A
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
CVE-2005-3635 1 Sap 1 Sap Web Application Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Application Server (WAS) 6.10 through 7.00 allow remote attackers to inject arbitrary web script or HTML via (1) the sap-syscmd in sap-syscmd and (2) the BspApplication field in the SYSTEM PUBLIC test application.
CVE-2006-2793 1 Aspsitem 1 Aspsitem 2026-04-16 N/A
SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.
CVE-2005-1768 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a concurrent thread that increments a pointer count after the nargs function has counted the pointers, but before the count is copied from user space to kernel space, which leads to a buffer overflow.