Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-3866 1 Wwwsearchsolutions 1 Searchfeed Search Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote attackers to inject arbitrary HTML and web script, possibly via the REQ parameter, which is used when performing a search.
CVE-2006-4081 1 Barracuda Networks 1 Barracuda Spam Firewall 2026-04-16 N/A
preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000.
CVE-2005-0240 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message.
CVE-2006-0461 1 Pmachine 1 Expressionengine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in core.input.php in ExpressionEngine 1.4.1 allows remote attackers to inject arbitrary web script or HTML via HTTP_REFERER (referer).
CVE-2004-1494 1 Kingsoft 1 Xdict 2026-04-16 N/A
Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string.
CVE-2005-3874 1 Weaverslave 1 Netzbrett 2026-04-16 N/A
SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the p_entry parameter in an entry command to index.php.
CVE-2006-0472 1 My Little Homepage 1 My Little Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
CVE-2004-1498 1 Webhost Automation 1 Helm Control Panel 2026-04-16 N/A
SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary SQL commands via the messageToUserAccNum parameter.
CVE-2005-0390 1 Axel 1 Axel 2026-04-16 N/A
Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code.
CVE-2006-0479 1 Pmwiki 1 Pmwiki 2026-04-16 N/A
pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS).
CVE-2006-4120 1 Drupal 2 Drupal, Recipe Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Recipe module (recipe.module) before 1.54 for Drupal 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2004-1500 2 Freeform Interactive, Monolith Productions 11 Purge Jihad, Alien Versus Predator, Blood and 8 more 2026-04-16 N/A
Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.
CVE-2005-1358 1 Text.cgi 1 Text.cgi 2026-04-16 N/A
text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2006-0508 1 Easy Cms 1 Easy Cms 2026-04-16 N/A
Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory.
CVE-2006-4129 1 Joomla 1 Webring Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin.webring.docs.php in the Webring Component (com_webring) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the component_dir parameter.
CVE-1999-0855 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD gdc program.
CVE-2005-0458 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attackers to inject arbitrary web script or HTML via the enquiry parameter.
CVE-2005-0460 1 Mercuryboard 1 Mercuryboard 2026-04-16 N/A
index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter.
CVE-2004-1506 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags.
CVE-2005-1307 2 Adobe, Apple 2 Version Cue, Mac Os X 2026-04-16 N/A
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.