Total
345246 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2026-04-16 | 6.4 MEDIUM | N/A |
| 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | |||||
| CVE-2006-2390 | 1 Ozjournals | 1 Ozjournals | 2026-04-16 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows remote attackers to inject arbitrary web script or HTML via the vname parameter in the comments functionality. | |||||
| CVE-2006-4651 | 1 Threesquared.net | 1 Php Download Script | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via .. (dot dot) sequence in the file parameter. | |||||
| CVE-2003-0504 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module. | |||||
| CVE-2001-0444 | 1 Cisco | 1 Cbos | 2026-04-16 | 2.1 LOW | N/A |
| Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||||
| CVE-2004-1638 | 1 Tabs Laboratories | 1 Mailcarrier | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command. | |||||
| CVE-2000-0648 | 1 Texas Imperial Software | 1 Wftpd | 2026-04-16 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command. | |||||
| CVE-2001-0668 | 1 Hp | 1 Hp-ux | 2026-04-16 | 7.5 HIGH | N/A |
| Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2006-1551 | 1 Georges Auberger | 1 Pajax | 2026-04-16 | 7.5 HIGH | N/A |
| Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | |||||
| CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | 7.5 HIGH | N/A |
| Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | |||||
| CVE-2005-4653 | 1 Al-caricatier | 1 Al-caricatier | 2026-04-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier allows remote attackers to bypass login authentication by requesting view_caricatier.php, and then requesting any file in the admin directory with a cookie_username=admin argument. | |||||
| CVE-1999-0766 | 1 Microsoft | 2 Internet Explorer, Java Virtual Machine | 2026-04-16 | 9.3 HIGH | N/A |
| The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. | |||||
| CVE-2006-0501 | 1 Punctweb | 1 Myco Guestbook | 2026-04-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user. | |||||
| CVE-2001-0321 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | 5.0 MEDIUM | N/A |
| opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. | |||||
| CVE-2003-0144 | 4 Bsd, Freebsd, Lprold and 1 more | 4 Lpr, Freebsd, Lprold and 1 more | 2026-04-16 | 7.2 HIGH | N/A |
| Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | |||||
| CVE-2005-2540 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request. | |||||
| CVE-2005-0409 | 1 Citrusdb | 1 Citrusdb | 2026-04-16 | 6.4 MEDIUM | N/A |
| CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.php, which allows remote attackers to upload credit card data and obtain sensitive information such as the pathnames for temporary files that store credit card data, and facilitates the exploitation of other vulnerabilities. | |||||
| CVE-2006-2491 | 2 Boastmachine, Kailash Nadh | 2 Boastmachine, Boastmachine | 2026-04-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in (1) index.php and (2) bmc/admin.php in BoastMachine (bMachine) 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using the $_SERVER["PHP_SELF"] variable. | |||||
| CVE-2006-3274 | 1 Webmin | 1 Webmin | 2026-04-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory. | |||||
| CVE-2006-1954 | 1 Nfec.de | 1 Rechnungszentrale | 2026-04-16 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the User field. | |||||