Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-0650 1 Projectbb 1 Projectbb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) the pages parameter to divers.php (incorrectly referred to as "drivers.php" by some sources), (2) in the search feature text area, (3) forum name, (4) site name or (5) the maximum avatar size in the option section, (5) new category or (6) new forum fields in the forum section.
CVE-2005-0655 1 Arif Supriyanto 1 Auracms 2026-04-16 N/A
auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
CVE-2005-0660 1 Adalis 1 D-forum 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.
CVE-1999-1322 2 Broadcom, Microsoft 3 Arcserve Backup, Inoculan, Exchange Server 2026-04-16 N/A
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
CVE-2001-0917 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
CVE-2002-0717 1 Php 1 Php 2026-04-16 N/A
PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed.
CVE-2002-1827 1 Sendmail 1 Sendmail 2026-04-16 N/A
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
CVE-2002-2062 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL.
CVE-1999-1440 1 Mirabilis 1 Icq 98a 2026-04-16 N/A
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client.
CVE-2006-1768 1 Tritanium Scripts 1 Tritanium Bulletin Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.
CVE-2006-1770 1 Azerbaijan Development Group 1 Azdgvote 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php.
CVE-2006-1815 1 Tritanium Scripts 1 Tritanium Bulletin Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_realname and (2) newuser_icq parameters, a different vector than CVE-2006-1768. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2003-0987 2 Apache, Redhat 4 Http Server, Enterprise Linux, Rhel Stronghold and 1 more 2026-04-16 N/A
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
CVE-2000-0191 1 Axis 1 Storpoint Cd 2026-04-16 N/A
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
CVE-2004-0120 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
CVE-2002-1042 2 Netscape, Sun 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more 2026-04-16 N/A
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVE-2006-4957 1 The Myreview System 1 Myreview 2026-04-16 N/A
SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remote attackers to execute arbitrary SQL commands via the email parameter to Admin.php.
CVE-2000-0044 1 Jgaa 1 Warftpd 2026-04-16 N/A
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
CVE-2004-1306 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.
CVE-2000-0559 1 Broadcom 1 Etrust Intrusion Detection 2026-04-16 N/A
eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.