Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0918 1 Ritlabs 1 The Bat 2026-04-16 N/A
Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field.
CVE-2004-2108 1 Quadcomm 1 Q-shop 2026-04-16 N/A
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp.
CVE-2004-2113 1 Herberlin 1 Bremsserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2004-2122 1 Intra Forum 1 Intra Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary web script or HTML via the (1) use_last_read or (2) forum parameters.
CVE-2006-0919 1 Oi 1 Email Marketing System 2026-04-16 N/A
SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
CVE-2004-2132 1 Pj Cgi Neo Review 1 Pj Cgi Neo Review 2026-04-16 N/A
Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter.
CVE-2004-2139 1 Yabb 1 Yabb 2026-04-16 N/A
Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl.
CVE-2004-2140 1 Yabb 1 Yabb 2026-04-16 N/A
CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable.
CVE-2004-2142 1 Jorg Schilling 1 Sdd 2026-04-16 N/A
Unknown vulnerability in the remote tape support (remote.c) in the RMT client for Jorg Schilling sdd 1.28 and 1.31 has unknown impact and attack vectors.
CVE-2004-2159 1 Xmlstarlet 1 Command Line Xml Toolkit 2026-04-16 N/A
Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.
CVE-2004-2164 1 Virtual Programming 1 Vp-asp 2026-04-16 N/A
shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).
CVE-2002-0283 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Windows XP with port 445 open allows remote attackers to cause a denial of service (CPU consumption) via a flood of TCP SYN packets containing possibly malformed data.
CVE-2004-2269 1 Matt Shelton 1 Pads 2026-04-16 N/A
Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability.
CVE-2006-0946 1 Thomson 1 Speedtouch 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter to the LocalNetwork page.
CVE-2000-1085 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
CVE-2004-2280 1 Ibm 1 Lotus Notes 2026-04-16 N/A
Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN.
CVE-2004-2282 1 Daniel Barron 1 Dansguardian 2026-04-16 N/A
DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request.
CVE-2004-2287 1 Dsm 1 Light Web File Browser 2026-04-16 N/A
Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. (dot dot) in the wdir parameter.
CVE-2004-2293 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.0 to 7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) eid parameter or (2) query parameter to the Encyclopedia module, (3) preview_review function in the Reviews module as demonstrated by the url, cover, rlanguage, and hits parameters, or (4) savecomment function in the Reviews module, as demonstrated using the uname parameter. NOTE: the Faq/categories and Encyclopedia/ltr issues are already covered by CVE-2005-1023.
CVE-2004-2300 1 Ucd-snmp 1 Ucd-snmp 2026-04-16 N/A
Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE.