Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-2764 1 Xander Ladage 1 Guestbookxl 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an IMG tag in a comment field to (1) guestwrite.php or (2) guestbook.php.
CVE-2006-2591 1 E107 1 E107 2026-04-16 N/A
Unspecified vulnerability in e107 before 0.7.5 has unknown impact and remote attack vectors related to an "emailing exploit".
CVE-2005-1570 1 Battleaxe Software 1 Bttlxeforum 2026-04-16 N/A
forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability.
CVE-1999-0390 2 Redhat, Suse 2 Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Dosemu Slang library in Linux.
CVE-2003-0201 7 Apple, Compaq, Hp and 4 more 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more 2026-04-16 N/A
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVE-2005-1577 1 Apg Technology 1 Classmaster 2026-04-16 N/A
APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share.
CVE-1999-0489 1 Microsoft 1 Windows Nt 2026-04-16 N/A
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
CVE-2001-0452 1 Brs 1 Webweaver 2026-04-16 N/A
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
CVE-1999-0480 1 Midnight Commander 1 Midnight Commander 2026-04-16 N/A
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
CVE-1999-0060 1 Lucent 3 Ascend Max Router, Ascend Pipeline Router, Ascend Tnt Router 2026-04-16 N/A
Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.
CVE-1999-0395 1 Backweb Technologies 1 Backweb Polite Agent Protocol 2026-04-16 N/A
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.
CVE-1999-0398 1 Ssh 2 Ssh, Ssh2 2026-04-16 N/A
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-2005-1594 1 Codethat 1 Shoppingcart 2026-04-16 N/A
SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-4363 1 Cropimage Component 1 Cropimage Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin.cropcanvas.php in the CropImage component (com_cropimage) 1.0 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the cropimagedir parameter.
CVE-1999-0473 1 Andrew Tridgell 1 Rsync 2026-04-16 N/A
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.
CVE-1999-0415 1 Cisco 1 Cisco 7xx Routers 2026-04-16 N/A
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.
CVE-2002-1864 1 Sws 1 Sws Simple Web Server 2026-04-16 N/A
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP request.
CVE-2006-2754 1 Openldap 1 Openldap 2026-04-16 N/A
Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname.
CVE-2006-3128 1 Easy-cms 1 Easy-cms 2026-04-16 N/A
choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a GIF file extension, then directly accessing that file in the Repositories directory.
CVE-2006-3113 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-16 N/A
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption.