Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0013 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207.
CVE-2006-0015 1 Microsoft 2 Frontpage Server Extensions, Sharepoint Team Services 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
CVE-2006-2711 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to obtain potentially sensitive information about messages.
CVE-2006-3542 1 Boxcar Media 1 Shopping Cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Garry Glendown Shopping Cart 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) shop name field in (a) editshop.php, (b) edititem.php, and (c) index.php; and via the (2) item field in editshop.php and edititem.php.
CVE-2006-2712 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages.
CVE-2006-0086 1 Next Generation Image Gallery 1 Next Generation Image Gallery 2026-04-16 N/A
Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-0087 1 Lizard Cart 1 Lizard Cart Cms 2026-04-16 N/A
SQL injection vulnerability in (1) pages.php and (2) detail.php in Lizard Cart CMS 1.04 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2000-0104 1 Web Express 1 Shoptron 2026-04-16 N/A
The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2006-0088 1 Intouch 1 Intouch 2026-04-16 N/A
SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha allows remote attackers to execute arbitrary SQL commands via the user parameter.
CVE-2000-0113 1 Sybergen 1 Sygate 2026-04-16 N/A
The SyGate Remote Management program does not properly restrict access to its administration service, which allows remote attackers to cause a denial of service, or access network traffic statistics.
CVE-2006-0089 1 Esri 1 Arcpad 2026-04-16 N/A
Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute.
CVE-2006-0093 1 Ecardmax.com 1 Atcard Me Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in @Card ME PHP allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2000-0115 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
CVE-2002-0090 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option.
CVE-2000-0255 1 Nbase-xyplex 1 Edgeblaster 2026-04-16 N/A
The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program.
CVE-2000-0124 1 Surfcontrol 1 Superscout 2026-04-16 N/A
surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions.
CVE-2000-0126 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
CVE-2006-0095 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.
CVE-2000-0134 1 Adgrafix Corporation 1 Check It Out 2026-04-16 N/A
The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0257 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.