Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-1488 1 Activecampaign 1 Supporttrio 2026-04-16 N/A
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message.
CVE-2001-1117 1 Linksys 1 Befsr41 2026-04-16 N/A
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
CVE-2003-0782 1 Ecartis 1 Ecartis 2026-04-16 N/A
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2005-3520 1 Mysource 1 Mysource 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 allow remote attackers to inject arbitrary web script or HTML via (1) the target_url parameter in upgrade_in_progress_backend.php, (2) the stylesheet parameter in edit_table_cell_type_wysiwyg.php, and the bgcolor parameter in (3) insert_table.php, (4) edit_table_cell_props.php, (5) header.php, (6) edit_table_row_props.php, and (7) edit_table_props.php.
CVE-2000-0580 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization.
CVE-2006-1518 2 Mysql, Oracle 2 Mysql, Mysql 2026-04-16 N/A
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
CVE-2006-3848 1 Krischan Jodies 1 Ip Calculator 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calculator (IPCalc) 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI (REQUEST_URI environment variable), which is used in the actionurl variable.
CVE-2001-1127 1 Progress 1 Progress 2026-04-16 N/A
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
CVE-2000-0603 1 Microsoft 1 Sql Server 2026-04-16 N/A
Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored procedure, aka the "Stored Procedure Permissions" vulnerability.
CVE-2003-0944 1 Sap 1 Sap Db 2026-04-16 N/A
Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.
CVE-2000-0631 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability.
CVE-2004-1380 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
CVE-2001-1140 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request.
CVE-2003-0991 3 Gnu, Redhat, Sgi 3 Mailman, Enterprise Linux, Propack 2026-04-16 N/A
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
CVE-2001-1153 1 Caldera 1 Openunix 2026-04-16 N/A
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
CVE-2006-3886 1 Musicbox 1 Musicbox 2026-04-16 N/A
SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter in a viewgallery action in a request for the top-level URI. NOTE: the start parameter/search action is already covered by CVE-2006-1807, and the show parameter/top action is already covered by CVE-2006-1360.
CVE-2006-3902 1 Phpfaber 1 Topsites 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the i_cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-1609 1 Hitachi 4 Xfit S, Xfit S Jca, Xfit S Zengin and 1 more 2026-04-16 N/A
Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, and XFIT/S ZENGIN TCP/IP Procedure allows remote attackers to cause a denial of service (server process and transfer control process stop) when the products "receive data unexpectedly".
CVE-2006-3905 1 Mywebland 1 Mybloggie 2026-04-16 N/A
SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the (1) post_id parameter in index.php and (2) search function.
CVE-2001-1166 1 Freebsd 1 Freebsd 2026-04-16 N/A
linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process.