Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0830 1 Sco 1 Unixware 2026-04-16 N/A
Buffer overflow in SCO UnixWare Xsco command via a long argument.
CVE-2006-1899 1 Dev 1 Neuron Blog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters.
CVE-2006-1903 1 Userland 1 Manila 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE: the msgReader$1 mode attack vector is already covered by CVE-2006-1769.
CVE-2006-1909 1 Coppermine 1 Coppermine Photo Gallery 2026-04-16 N/A
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences.
CVE-2006-1917 1 Blackorpheus 1 Clanmemberskript 2026-04-16 N/A
SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter.
CVE-2006-1921 1 Php Net Tools 1 Php Net Tools 2026-04-16 N/A
nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter.
CVE-2006-1947 1 Nicplex 1 Plexum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters.
CVE-2006-1949 1 Nicplex 1 Plexcart 2026-04-16 N/A
SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-1999-0856 1 Slackware 1 Slackware Linux 2026-04-16 N/A
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
CVE-2003-1324 1 Elmme-mailer 1 Elm Me\+ 2026-04-16 N/A
Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group.
CVE-1999-0878 2 Beroftpd, Washington University 2 Beroftpd, Wu-ftpd 2026-04-16 N/A
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
CVE-1999-0881 1 Blueface 1 Falcon Web Server 2026-04-16 N/A
Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-0890 1 Ihtml Merchant 1 Ihtml Merchant 2026-04-16 N/A
iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a code parsing error.
CVE-2001-0526 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
CVE-1999-0895 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Firewall-1 does not properly restrict access to LDAP attributes.
CVE-1999-0896 1 Realnetworks 1 Realserver G2 2026-04-16 N/A
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.
CVE-1999-0902 1 Linux-nis 1 Ypserv 2026-04-16 N/A
ypserv allows local administrators to modify password tables.
CVE-1999-0904 1 Byte Fusion 1 Bftelnet 2026-04-16 N/A
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.
CVE-1999-0908 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
CVE-1999-0910 1 Microsoft 3 Commercial Internet System, Site Server, Site Server Commerce 2026-04-16 N/A
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.