Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-1086 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2026-04-16 N/A
Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.
CVE-2005-4496 1 Forum One 1 Syntaxcms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter.
CVE-2005-4497 1 Tangora 1 Tangora Portal Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Tangora Portal CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter in a search page, as demonstrated using (1) page1631.aspx and (2) page496.aspx.
CVE-2006-1489 1 Fusionzone 1 Couponzone 2026-04-16 N/A
Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters.
CVE-2002-1955 1 Iomega 1 Nas 2026-04-16 N/A
Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows remote attackers to perform a man-in-the-middle attack.
CVE-2002-1962 1 Finjan Software 1 Surfingate 2026-04-16 N/A
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname.
CVE-2006-1494 2 Php, Redhat 3 Php, Enterprise Linux, Rhel Stronghold 2026-04-16 N/A
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
CVE-2002-1966 1 My Postcards 1 My Postcards Platinum 2026-04-16 N/A
Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
CVE-2005-4499 1 Cisco 21 Adaptive Security Appliance Software, Pix Asa Ids, Pix Firewall and 18 more 2026-04-16 N/A
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
CVE-2006-1497 1 Vihor 1 Vihordesign 2026-04-16 N/A
Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter.
CVE-2006-2121 1 I-rater 1 I-rater Platinum 2026-04-16 N/A
PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929.
CVE-2005-4501 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer.
CVE-2002-1969 1 The Magic Notebook 1 The Magic Notebook 2026-04-16 N/A
Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an invalid username during login.
CVE-2002-1970 1 Snortcenter 1 Snortcenter 2026-04-16 N/A
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.
CVE-2005-4507 1 Nexus Concepts 1 Dev Hound 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields.
CVE-2002-1971 1 Sourcecraft 1 Networking Utils 2026-04-16 N/A
The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers to read arbitrary files via shell metacharacters in the Domain name or IP address argument.
CVE-2005-4509 1 Parallel Tools Consortium 1 Ptools 2026-04-16 N/A
SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-4511 1 Curtis Hawthorne 1 Tn3270 Resource Gateway 2026-04-16 N/A
Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls.
CVE-2005-4514 1 Webwasher 1 Csm Appliance Suite 2026-04-16 N/A
The encapsulation script mechanism in Webwasher CSM Appliance Suite 5.x uses case-sensitive detection of malicious tokens, which allows attackers to bypass script detection by using tokens that can be upper or lower case. NOTE: the vendor has stated that this problem could not be reproduced, and has asked the researcher for more information, without a response as of 20060103
CVE-2005-4516 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.