Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5915 1 Samedia 1 Landshop 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ls.php in SAMEDIA LandShop allow remote attackers to inject arbitrary web script or HTML via the (1) start, (2) CAT_ID, (3) keyword, (4) search_area, (5) search_type, (6) infield, or (7) search_order parameter.
CVE-2006-5919 1 Activecampaign 1 Knowledgebuilder 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/e_data/visEdit_control.class.php in ActiveCampaign KnowledgeBuilder 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the visEdit_root parameter, a different vector than CVE-2003-1131.
CVE-2006-5924 1 Efficientip 1 Ipmanager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Efficient IP iPmanager (IPm) 2.3 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter. NOTE: the provenance of this information is unknown; details are obtained from third party sources.
CVE-2006-5927 1 Asp Scripter 2 Easy Portal, Live Support 2026-04-23 N/A
SQL injection vulnerability in cpLogin.asp in ASP Scripter Easy Portal 1.4 and Live Support 1.3 allows remote attackers to execute arbitrary SQL commands via the Password parameter.
CVE-2006-5931 1 Aigaion 1 Aigaion 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Aigaion Web based bibliography management system 1.2.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to certain PHP scripts in (1) lib/actions/, (2) lib/displays/, (3) lib/editforms/, (4) lib/functions/, (5) scheme/, and (6) the root directory. NOTE: the provenance of this information is unknown; details are obtained from third party sources.
CVE-2006-5934 1 Iexpress 1 Estate Agent Manager 2026-04-23 N/A
SQL injection vulnerability in admin/default.asp in Estate Agent Manager 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the UserName field.
CVE-2006-5945 1 Mginternet 1 Car Site Manager 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MGinternet Car Site Manager (CSM) allow remote attackers to execute arbitrary SQL commands via the (1) p parameter to (a) csm/asp/detail.asp, or the (2) l, (3) typ, or (4) loc parameter to (b) csm/asp/listings.asp.
CVE-2006-5948 1 Ringsworld 1 Phppeanuts 2026-04-23 N/A
PHP remote file inclusion vulnerability in pntUnit/Inspect.php in phpPeanuts 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter.
CVE-2006-6497 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-23 N/A
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors.
CVE-2006-6506 1 Mozilla 1 Firefox 2026-04-23 N/A
The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to determine browsing habits.
CVE-2006-6569 1 Genesistrader 1 Genesistrader 2026-04-23 N/A
form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter.
CVE-2006-6573 1 Citrix 1 Access Gateway 2026-04-23 N/A
Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Access Control (AAC) 4.2, when deployed on the Access Gateway appliance 4.2 through 4.2.2 allows remote authenticated users to "gain access to data" and obtain sensitive information via unspecified vectors.
CVE-2006-6580 1 Scriptphp 1 Pronews 2026-04-23 N/A
admin/change.php in ProNews 1.5 does not check whether a user is permitted to change news items, which allows remote attackers to add or delete information within an item, and possibly have other impacts. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-6591 1 Exlor 1 Exlor 2026-04-23 N/A
PHP remote file inclusion vulnerability in fonctions/template.php in EXlor 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the repphp parameter.
CVE-2006-6605 1 Mailenable 3 Mailenable Enterprise, Mailenable Professional, Mailenable Standard 2026-04-23 N/A
Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command.
CVE-2006-6608 1 Hp 2 Proliant Integrated Lights Out, Proliant Integrated Lights Out 2 2026-04-23 N/A
Unspecified vulnerability in SSH key based authentication in HP Integrated Lights Out (iLO) 1.70 through 1.87, and iLO 2 1.00 through 1.11, on Proliant servers, allows remote attackers to "gain unauthorized access."
CVE-2006-6612 1 Phpmycms 1 Phpmycms 2026-04-23 N/A
PHP remote file inclusion vulnerability in basic.inc.php in PhpMyCms 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the basepath_start parameter.
CVE-2006-6614 2 Debian, Thomas Lange 2 Debian Linux, Fully Automated Installation 2026-04-23 N/A
The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to obtain the hash.
CVE-2006-6619 6 Avg, Comodo, Filseclab and 3 more 6 Antivirus Plus Firewall, Comodo Personal Firewall, Personal Firewall and 3 more 2026-04-23 N/A
AVG Anti-Virus plus Firewall 7.5.431 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.
CVE-2006-6622 6 Avg, Comodo, Filseclab and 3 more 6 Antivirus Plus Firewall, Comodo Personal Firewall, Personal Firewall and 3 more 2026-04-23 N/A
Soft4Ever Look 'n' Stop (LnS) 2.05p2 before 20061215 relies on the Process Environment Block (PEB) to identify a process, which allows local users to bypass the product's controls on a process by spoofing the (1) ImagePathName, (2) CommandLine, and (3) WindowTitle fields in the PEB.