Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3227 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and Firefox might allow remote attackers to modify the visual presentation of web pages and possibly bypass protection mechanisms such as content filters via ASCII characters with the 8th bit set, which could be stripped by Internet Explorer to render legible text, but not when using other browsers. NOTE: there has been significant discussion about this issue, and as of 20060625, it is not clear where the responsibility for this issue lies, although it might be due to vagueness within the associated standards. NOTE: this might only be exploitable with certain encodings.
CVE-2005-0791 1 Phpadsnew 1 Phpadsnew 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in adframe.php in phpAdsNew 2.0.4-pr1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the refresh parameter.
CVE-2006-3234 1 Looknet 1 Fineshop 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters.
CVE-1999-0170 1 Digital 1 Ultrix 2026-04-16 N/A
Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list.
CVE-1999-1334 1 Elm Development Group 1 Elm 2026-04-16 N/A
Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument.
CVE-2005-0793 1 Zpanel 1 Zpanel 2026-04-16 N/A
PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows remote attackers to (1) execute arbitrary PHP code in ZPanel 2.0 or (2) include local files in ZPanel 2.5 beta 10 and earlier by modifying the page parameter.
CVE-2006-3236 1 Thinkfactory 1 Thinkwms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) index.php or (b) printarticle.php, and the (2) catid parameter in index.php.
CVE-2005-0881 1 Interspire 1 Articlelive 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in articles.newcomment for Interspire ArticleLive 2005 allows remote attackers to inject arbitrary web script or HTML via the Articleld parameter.
CVE-1999-0171 1 Linux 1 Linux Kernel 2026-04-16 N/A
Denial of service in syslog by sending it a large number of superfluous messages.
CVE-1999-1342 1 Icq 1 Activelist Server 2026-04-16 N/A
ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port.
CVE-2005-0900 1 Nukebookmarks 1 Nukebookmarks 2026-04-16 N/A
marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter, which reveal the path in an error message.
CVE-2005-0911 1 E-xoops 1 E-xoops 2026-04-16 N/A
Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.
CVE-2005-0924 1 Adventia 1 E-data 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword.
CVE-2006-3237 1 Senokian Solutions 1 Enterprise Groupware Systems 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.
CVE-1999-0173 1 Matt Wright 1 Formmail 2026-04-16 N/A
FormMail CGI program can be used by web servers other than the host server that the program resides on.
CVE-1999-1345 1 Auto Ftp 1 Auto Ftp 2026-04-16 N/A
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
CVE-2006-3238 1 Vbzoom 1 Vbzoom 2026-04-16 N/A
Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php.
CVE-2006-3241 1 Xennobb 1 Xennobb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in messages.php in XennoBB 1.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the tid parameter.
CVE-2005-0943 1 Cisco 8 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3005 Concentrator Software and 5 more 2026-04-16 N/A
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
CVE-2006-3247 1 Gl-sh 1 Deaf Forum 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in show.php in GL-SH Deaf Forum 6.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) page, and (3) action parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.