Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6408 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2026-04-23 | N/A |
| Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | ||||
| CVE-2006-6421 | 1 Phpbb Group | 1 Phpbb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user. | ||||
| CVE-2006-6405 | 1 Softwin | 1 Bitdefender Mail Protection | 2026-04-23 | N/A |
| BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | ||||
| CVE-2006-5610 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2026-04-23 | 9.8 Critical |
| PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-5620 | 1 Minibill | 1 Minibill | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/menu_builder.php in MiniBILL 2006-10-10 (1.2.3) and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[page_dir] parameter, a different vector than CVE-2006-4489. | ||||
| CVE-2006-5622 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter. | ||||
| CVE-2006-2386 | 1 Microsoft | 1 Outlook Express | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file. | ||||
| CVE-2006-5624 | 1 Mpcs | 1 Mpcs | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Multi-Page Comment System (MPCS) 1.0.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) include.php or (2) functions.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5626 | 1 Phpfaber | 1 Phpfaber Content Management System | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in cms_images/js/htmlarea/htmlarea.php in phpFaber Content Management System (CMS) before 1.3.36 on 20061026 allows remote attackers to inject arbitrary web script or HTML, probably via arbitrary parameters in the query string, as demonstrated with a vigilon parameter. NOTE: earlier downloads of 1.3.36 have the vulnerability; the software was updated without changing the version number. | ||||
| CVE-2006-5627 | 1 Qnecms | 1 Qnecms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the adminfolderpath parameter to (1) headerscripts.php, (2) footerhome.php, and (3) footermain.php in admin/include/; (4) photogallery/headerscripts.php; and (5) footerhome.php, (6) footermain.php, (7) headermain.php, (8) sitemapfooter.php, and (9) sitemapheader.php in templates/. | ||||
| CVE-2006-5630 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-23 | N/A |
| Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in a disableforum action in DisableForum.asp and (2) create an arbitrary forum virtual directory via an empty ForumID parameter in an enableforum action in EnableForum.asp. | ||||
| CVE-2006-5631 | 1 Ig Shop | 1 Ig Shop | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop 1.4 allows remote attackers to inject arbitrary web script or HTML via arbitrary query strings when the action parameter is not "1", as demonstrated using script in the action parameter, a different vulnerability than CVE-2006-5632. | ||||
| CVE-2006-5635 | 1 Web Wiz Forums | 1 Web Wiz Forums | 2026-04-23 | N/A |
| SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter. | ||||
| CVE-2006-5636 | 1 Sws | 1 Simple Website Software | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR parameter. | ||||
| CVE-2006-5638 | 1 Phpmyring | 1 Phpmyring | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing 4.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) limite and (2) mots parameters. | ||||
| CVE-2006-5639 | 1 Openwbem | 1 Openwbem | 2026-04-23 | N/A |
| Unspecified vulnerability in the random number generator in OpenWBEM (Web Based Enterprise Management) 3.2.0 allows attackers to gain privileges via vectors related to "local or HTTP Digest authentication." | ||||
| CVE-2006-5643 | 1 Foresite Cms | 1 Foresite Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search_de.html in foresite CMS allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2006-5648 | 1 Ubuntu | 1 Ubuntu Linux | 2026-04-23 | 5.5 Medium |
| Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed. | ||||
| CVE-2006-5650 | 1 Aol | 1 Icq | 2026-04-23 | N/A |
| The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar. | ||||
| CVE-2006-5651 | 1 Digioz | 1 Digioz Guestbook | 2026-04-23 | N/A |
| list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to obtain sensitive information via a non-numeric page parameter, which displays the installation path in the resulting error message. | ||||