Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0775 1 Photopost 1 Photopost Php Pro 2026-04-16 N/A
The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is sent to the administrator, which allows remote attackers to send large amounts of email to the administrator.
CVE-2002-0329 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.
CVE-2005-3584 1 Phpwebthings 1 Phpwebthings 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
CVE-2005-4062 1 Xcent 1 Xcclassified 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CPSearch.asp in XcClassified 3.x allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2002-0331 1 Alcatech Gmbh 1 Bpm Studio Pro 2026-04-16 N/A
Directory traversal vulnerability in the HTTP server for BPM Studio Pro 4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.
CVE-2005-2705 2 Mozilla, Redhat 3 Firefox, Mozilla Suite, Enterprise Linux 2026-04-16 N/A
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
CVE-2002-0332 1 Xtell 1 Xtell 2026-04-16 N/A
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request.
CVE-2002-0335 1 Galacticomm Technologies 2 Worldgroup, Worldgroup Lite Personal Server 2026-04-16 N/A
Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request.
CVE-2004-1476 2 Suse, Xine 3 Suse Linux, Xine, Xine-lib 2026-04-16 N/A
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
CVE-2005-0779 1 Platinumftp 1 Platinumftpserver 2026-04-16 N/A
PlatinumFTP 1.0.18, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via multiple connection attempts with a \ (backslash) in the username.
CVE-2005-3585 1 Phpwebthings 1 Phpwebthings 2026-04-16 N/A
SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVE-2002-0338 1 Ritlabs 1 The Bat 2026-04-16 N/A
The Bat! 1.53d and 1.54beta, and possibly other versions, allows remote attackers to cause a denial of service (crash) via an attachment whose name includes an MS-DOS device name.
CVE-2005-4063 1 Netauctionhelp 1 Netauctionhelp 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) L, (2) sort, (3) category, (4) categoryname parameters to search.asp.
CVE-2002-0357 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
CVE-2005-3589 1 Filezilla 1 Filezilla Server Terminal 2026-04-16 N/A
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
CVE-2005-4072 1 Cfmagic 1 Magic Forum Personal 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in search_forums.cfm, as used in the "Search For:" field.
CVE-2002-0359 1 Sgi 1 Irix 2026-04-16 N/A
xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.
CVE-2002-0364 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
CVE-2005-0782 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the start parameter to pafiledb.php.
CVE-2004-1483 1 Symantec 1 Clientless Vpn Gateway 4400 2026-04-16 N/A
Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.