Export limit exceeded: 47217 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5103 1 Bbsnew 1 Bbsnew 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/index2.php in bbsNew 2.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the "right" parameter.
CVE-2006-5105 1 Forum One 1 Syntaxcms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 through 1.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the init_path parameter to admin/testing/tests/0030_init_syntax.php, or (2) an unspecified parameter to admin/testing/index.php. NOTE: the 0004_init_urls.php vector is already covered by CVE-2006-5055.
CVE-2006-5099 1 Andreas Gohr 1 Dokuwiki 2026-04-23 N/A
lib/exec/fetch.php in DokuWiki before 2006-03-09e, when conf[imconvert] is configured to use ImageMagick, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) w and (2) h parameters, which are not filtered when invoking convert.
CVE-2006-5096 1 Virtuemart 1 Virtuemart Joomla Ecommerrce Edition Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in VirtueMart (formerly known as mambo-phpShop) Joomla! eCommerce Edition CMS 1.0.11, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Itemid parameter in a (1) com_contact or (2) subscribe action.
CVE-2006-5100 1 Netwin 1 Webnews 2026-04-23 N/A
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
CVE-2006-5133 1 Steve Poulsen 1 Guildftpd 2026-04-23 N/A
Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have an unknown impact, possibly code execution related to input containing "globbing chars."
CVE-2006-5090 1 Phoenix Evolution 1 Phoenix Evolution Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote attackers to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5089 1 My-bic 1 My-bic 2026-04-23 N/A
PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. CVE disputes this vulnerability because the file variable is defined before use in a way that prevents arbitrary inclusion
CVE-2006-5091 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
CVE-2006-5086 1 Pixel Motion 1 Pixel Motion Blog 2026-04-23 N/A
Blog Pixel Motion 2.1.1 allows remote attackers to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but it is not.
CVE-2006-5087 1 Evobb 1 Evobb 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in evoBB 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter in (1) track.php or (2) connect.php.
CVE-2006-5092 1 A-blog 1 A-blog 2026-04-23 N/A
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote attackers to execute arbitrary PHP code via a URL in the navigation_start parameter.
CVE-2006-5106 1 Facileforms 1 Facileforms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 for Mambo and Joomla!, when either register_globals or RG_EMULATION is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-5281 1 Navyism 1 N At Board 2026-04-23 N/A
PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter.
CVE-2006-5285 1 Xeoport 1 Xeoport 2026-04-23 N/A
SQL injection vulnerability in index.php in XeoPort 0.81, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the xp_body_text parameter.
CVE-2006-5078 1 Polaring 1 Polaring 2026-04-23 N/A
PHP remote file inclusion vulnerability in view/general.php in Kristian Niemi Polaring 00.04.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[dirMain] parameter.
CVE-2006-5076 1 Back-end 1 Back-end Cms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php.
CVE-2006-5079 1 Php Arena 1 Pabugs 2026-04-23 N/A
PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
CVE-2006-4980 2 Python, Redhat 3 Python, Enterprise Linux, Network Satellite 2026-04-23 N/A
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
CVE-2006-5072 1 Mono 1 Mono 2026-04-23 N/A
The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack.