Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4629 1 Smbcms 1 Smbcms 2026-04-16 N/A
SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to execute arbitrary SQL commands via unspecified search parameters.
CVE-2006-3356 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The TIFFFetchAnyArray function in ImageIO in Apple OS X 10.4.7 and earlier allows remote user-assisted attackers to cause a denial of service (application crash) via an invalid tag value in a TIFF image, possibly triggering a null dereference. NOTE: This is a different issue than CVE-2006-1469.
CVE-2006-4705 1 Dominic Gamble 1 Timesheet.php 2026-04-16 N/A
SQL injection vulnerability in login.php in dwayner79 and Dominic Gamble Timesheet (aka Timesheet.php) 1.2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2002-0314 3 Fasttrack, Grokster, Music City Networks 3 Kazaa, Grokster, Morpheus 2026-04-16 N/A
fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message.
CVE-2005-4630 1 Clientexec 1 Clientexec 2026-04-16 N/A
SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters.
CVE-2002-0315 3 Fasttrack, Grokster, Music City Networks 3 Kazaa, Grokster, Morpheus 2026-04-16 N/A
fasttrack p2p, as used in (1) KaZaA, (2) grokster, and (3) morpheus allows remote attackers to spoof other users by modifying the username and network information in the message header.
CVE-2002-0322 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.
CVE-2002-0324 1 Noah Gray 1 Graymatter 2026-04-16 N/A
Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a "Clear And Exit" action.
CVE-2002-0330 1 Openbb 1 Openbb 2026-04-16 N/A
Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag.
CVE-2005-4634 1 Activecampaign 1 Supporttrio 2026-04-16 N/A
SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained solely from third party information.
CVE-2002-0335 1 Galacticomm Technologies 2 Worldgroup, Worldgroup Lite Personal Server 2026-04-16 N/A
Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request.
CVE-2005-4645 1 3cfr 1 3cfr 2026-04-16 N/A
SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter.
CVE-2002-0343 1 Hotline Communications 1 Hotline Connect 2026-04-16 N/A
Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords.
CVE-2002-0344 1 Symantec 1 Liveupdate 2026-04-16 N/A
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
CVE-2002-0348 1 Sun 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 2026-04-16 N/A
service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument.
CVE-2005-4646 1 Pearlinger 1 Pearl Forums 2026-04-16 N/A
Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-3363 1 Xoops 1 Xoops Glossaire Module 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in the Glossaire module 1.7 for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the pa parameter.
CVE-2002-0349 1 Tiny Software 1 Tiny Personal Firewall 2026-04-16 N/A
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
CVE-2002-0456 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames.
CVE-2005-4552 1 Sun 1 Solaris Pc Netlink 2026-04-16 N/A
The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 create temporary files insecurely, which allows local users to gain privileges.