Search Results (362730 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1223 1 I-soft 1 Quikstore 2026-04-16 N/A
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
CVE-2005-4523 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information.
CVE-2000-1227 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.
CVE-2005-4524 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak.
CVE-2000-1230 1 Phorum 1 Phorum 2026-04-16 N/A
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
CVE-2005-4525 1 Sygate Technologies 1 Protection Agent 2026-04-16 N/A
SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch.
CVE-2000-1244 1 Broadcom 1 Inoculateit Agent For Exchange 2026-04-16 N/A
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2005-4526 1 Clearswift 1 Mimesweeper For Web 2026-04-16 N/A
Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file.
CVE-2001-1530 1 Webmin 1 Webmin 2026-04-16 N/A
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands.
CVE-2002-0392 3 Apache, Debian, Redhat 7 Http Server, Debian Linux, Enterprise Linux and 4 more 2026-04-16 N/A
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
CVE-2005-4527 1 Direct News 1 Direct News 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via (1) the setLang parameter in index.php and (2) unspecified search module parameters.
CVE-2004-1553 1 Fullrevolution 1 Aspwebalbum 2026-04-16 N/A
SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action.
CVE-2002-1889 1 Logsurfer 1 Logsurfer 2026-04-16 N/A
Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5a allows remote attackers to cause a denial of service (crash) via a malformed log entry.
CVE-2005-4528 1 Chatspot 1 Chatspot 2026-04-16 N/A
SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2004-1554 1 Alexphpteam 1 Alex Guestbook 2026-04-16 N/A
PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.
CVE-2005-4529 1 Chatspot 1 Chatspot 2026-04-16 N/A
The Chatspot 2.0.0a7 module for phpBB might allow remote attackers to impersonate other users via unknown vectors.
CVE-2002-2000 1 Compaq 1 Acms 2026-04-16 N/A
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data.
CVE-2002-2060 1 Twibright Labs 1 Links 2026-04-16 N/A
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.
CVE-2005-4530 1 Alstrasoft 1 Epay 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters in (1) profile.htm, (2) card.htm, (3) bank.htm, (4) subscriptions.htm, (5) send.htm, (6) request.htm, (7) forgot.htm, (8) escrow.htm, (9) donations.htm, and (10) products.htm.
CVE-2002-2071 1 Compaq 1 Tru64 2026-04-16 N/A
Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, as demonstrated using nmap.