Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3525 1 Phpcredo 1 Phcdownload 2026-04-16 N/A
SQL injection vulnerability in category.php in PHCDownload 1.0.0 Final and 1.0.0 Release Candidate 6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-3584 1 Jetbox 1 Jetbox Cms 2026-04-16 N/A
Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables.
CVE-2004-2557 1 Netgear 1 Wg602 2026-04-16 N/A
NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration.
CVE-2001-0333 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
CVE-2003-1260 1 Globalscape 1 Cuteftp 2026-04-16 N/A
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
CVE-2005-1517 1 Cisco 1 Firewall Services Module 2026-04-16 N/A
Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 and earlier, when using URL, FTP, or HTTPS filtering exceptions, allows certain TCP packets to bypass access control lists (ACLs).
CVE-2006-3948 1 Php-nuke 1 Inp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke INP allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2006-4070 1 Imendio Planner 1 Imendio Planner 2026-04-16 N/A
Format string vulnerability in Imendio Planner 0.13 allows user-assisted attackers to execute arbitrary code via format string specifiers in a filename.
CVE-2006-1756 1 Matthew Dingley 1 Md News 2026-04-16 N/A
MD News 1 allows remote attackers to bypass authentication via a direct request to a script in the Administration Area.
CVE-2001-0797 5 Hp, Ibm, Sco and 2 more 6 Hp-ux, Aix, Openserver and 3 more 2026-04-16 N/A
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVE-2001-0824 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page.
CVE-2001-0799 1 Sgi 1 Irix 2026-04-16 N/A
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.
CVE-2001-0826 1 Aclogic 1 Cesarftp 2026-04-16 N/A
Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD.
CVE-2004-1069 2 Linux, Ubuntu 2 Linux Kernel, Ubuntu Linux 2026-04-16 N/A
Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.
CVE-2001-0828 1 Caucho Technology 1 Resin 2026-04-16 N/A
A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.
CVE-2005-2410 1 Gnome 1 Networkmanager 2026-04-16 N/A
Format string vulnerability in the nm_info_handler function in Network Manager may allow remote attackers to execute arbitrary code via format string specifiers in a Wireless Access Point identifier, which is not properly handled in a syslog call.
CVE-2001-0829 1 Apache 1 Tomcat 2026-04-16 N/A
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
CVE-2001-0804 1 Valerie Mates 1 Interactive Story 2026-04-16 N/A
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.
CVE-2001-0900 1 Francisco Burzi 1 Gallery 2026-04-16 N/A
Directory traversal vulnerability in modules.php in Gallery before 1.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the include parameter.
CVE-2005-2449 1 Sandbox 1 Sandbox 2026-04-16 N/A
Race condition in sandbox before 1.2.11 allows local users to create or overwrite arbitrary files via symlink attack on sandboxpids.tmp.