Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3951 | 1 Mam-moodle Alpha Component | 1 Mam-moodle Alpha Component | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2004-2373 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| The Buddy icon file for AOL Instant Messenger (AIM) 4.3 through 5.5 is created in a predictable location, which may allow remote attackers to use a shell: URI to exploit other vulnerabilities that involve predictable locations. | ||||
| CVE-1999-0803 | 1 Ibm | 1 Aix Enetwork Firewall | 2026-04-16 | N/A |
| The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. | ||||
| CVE-2004-2376 | 1 Twilight Utilities | 1 Twilight Utilities Web Server | 2026-04-16 | N/A |
| Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute. | ||||
| CVE-2004-2378 | 1 Calacode | 1 At Mail Webmail System | 2026-04-16 | N/A |
| @Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server. | ||||
| CVE-2005-3682 | 1 Wizz Forum | 1 Wizz Forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php. | ||||
| CVE-1999-0815 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | ||||
| CVE-2005-1298 | 1 Inserter.cgi | 1 Inserter.cgi | 2026-04-16 | N/A |
| The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-3697 | 1 Uresk Links | 1 Uresk Links | 2026-04-16 | N/A |
| Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | ||||
| CVE-2004-2444 | 1 Jaws | 1 Jaws | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2006-3984 | 2 Gianluca Baldo, Phpadsnew | 2 Phpauction, Phpadsnew | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter. | ||||
| CVE-1999-0819 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | ||||
| CVE-2005-3736 | 1 Coastal Data Management | 1 E-quick Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname parameter in shopmaillist.asp, (3) strpid parameter in shopprojectlogin.asp, and (4) Custname parameter in shoptellafriend.asp. | ||||
| CVE-2006-0324 | 1 Webspot | 1 Webspotblogging | 2026-04-16 | N/A |
| SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php. | ||||
| CVE-1999-0824 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | ||||
| CVE-2004-1452 | 1 Gentoo | 1 Linux | 2026-04-16 | N/A |
| Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. | ||||
| CVE-1999-0825 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. | ||||
| CVE-2004-2554 | 1 Novell | 1 Client Firewall | 2026-04-16 | N/A |
| Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. | ||||
| CVE-2005-1296 | 1 Include.cgi | 1 Include.cgi | 2026-04-16 | N/A |
| include.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-2113 | 1 Xoops | 1 Xoops | 2026-04-16 | N/A |
| SQL injection vulnerability in the loginUser function in the XMLRPC server in XOOPS 2.0.11 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via crafted values in an XML file, as demonstrated using the blogger.getPost method. | ||||