Search

Expected end of text, found '.' (at char 50), (line:1, col:51)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344952 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2244 1 Web4future 1 News Portal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) comentarii.php or (2) view.php.
CVE-2006-2245 1 Phpbb Group 1 Phpbb-auction 2026-04-16 N/A
PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2002-0897 1 Intranet-server 1 Localweb2000 2026-04-16 N/A
LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory.
CVE-2005-3871 1 Jbb 1 Jbb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) 0.9.9rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter in topiczeigen.php, (2) forum and (3) zeigeseite parameters in showforum.php, (4) forum parameter in newtopic.php, and (5) tidnr parameter in neuerbeitrag.php.
CVE-2006-3736 1 Mambo 1 Videodb 2026-04-16 N/A
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2005-3874 1 Weaverslave 1 Netzbrett 2026-04-16 N/A
SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the p_entry parameter in an entry command to index.php.
CVE-2006-2261 1 Acal 1 Acal 2026-04-16 N/A
PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2002-0902 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script.
CVE-2002-0904 1 Kismet 1 Kismet 2026-04-16 N/A
SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.
CVE-2005-3876 1 Td-systems 2 Adc2000 Ng Pro, Adc2000 Ng Pro Lite 2026-04-16 N/A
Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ADC2000 NG Pro 1.2 and NG Pro Lite allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) lang parameters.
CVE-2006-2294 1 Timobraun 1 Dynamic Galerie 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
CVE-2002-0909 1 Matsushita Research 1 Mnews 2026-04-16 N/A
Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.
CVE-2006-2302 1 Duware 1 Dugallery 2026-04-16 N/A
SQL injection vulnerability in admin_default.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password field.
CVE-2002-0910 1 Debian 1 Netstd 2026-04-16 N/A
Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.
CVE-2002-0914 1 Double Precision Incorporated 1 Courier Mta 2026-04-16 N/A
Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop.
CVE-2006-2318 1 Ideal Science 1 Idealbb 2026-04-16 N/A
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
CVE-2005-3880 1 Omnistar Interactive 1 Omnistar Kbase 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_id and (3) id parameters in users/kb.php.
CVE-2005-3881 1 Altantisfaq 1 Altantis Knowledge Base Software 2026-04-16 N/A
SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter.
CVE-2002-0915 1 Harald Hoyer 2 Autorun, Xandros Desktop Os 2026-04-16 N/A
autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.
CVE-2006-2328 1 Angelinecms 1 Angelinecms 2026-04-16 N/A
SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string.