Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2609 | 1 Artmedic Webdesign | 1 Artmedic Newsletter | 2026-04-16 | N/A |
| artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2610 | 1 Spiffyjr | 1 Phpraid | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the (1) URL query string and the (2) Sort parameter. | ||||
| CVE-2006-2611 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in includes/Sanitizer.php in the variable handler in MediaWiki 1.6.x before r14349 allows remote attackers to inject arbitrary Javascript via unspecified vectors, possibly involving the usage of the | (pipe) character. | ||||
| CVE-2006-2612 | 1 Novell | 1 Client | 2026-04-16 | N/A |
| Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt. | ||||
| CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2026-04-16 | N/A |
| A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | ||||
| CVE-2006-2670 | 1 Calendarscripts.com | 1 Chatpat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 allow remote attackers to inject arbitrary web script or HTML via a chat message in (1) fastchat.php and (2) fastshow.php. | ||||
| CVE-1999-0539 | 2026-04-16 | N/A | ||
| A trust relationship exists between two Unix hosts. | ||||
| CVE-2006-2672 | 1 Interquest Internet Services | 1 Realty Pro One | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Realty Pro One allow remote attackers to inject arbitrary web script or HTML via the (1) listingid parameter to (a) images.php, (b) index_other.php, or (c) request_info.php; (2) propertyid parameter to (d) searchlookup.php, (3) id parameter to (e) images.php, or (4) agentid parameter to (f) request_info.php. NOTE: some of these issues might be resultant from SQL injection. | ||||
| CVE-1999-0541 | 2026-04-16 | N/A | ||
| A password for accessing a WWW URL is guessable. | ||||
| CVE-1999-0546 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The Windows NT guest account is enabled. | ||||
| CVE-2006-2680 | 1 Php4script | 1 Az Photo Album Script Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote attackers to inject arbitrary web script or HTML via the gazpart parameter. | ||||
| CVE-1999-0547 | 2026-04-16 | N/A | ||
| An SSH server allows authentication through the .rhosts file. | ||||
| CVE-2006-2688 | 1 Achievo | 1 Achievo | 2026-04-16 | N/A |
| SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier and 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the atkselector parameter. | ||||
| CVE-2006-2689 | 1 Eva-web | 1 Eva-web | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) debut_image parameter in (a) article-album.php3, (2) date parameter in (b) rubrique.php3, and the (3) perso and (4) aide parameters to (c) an unknown script, probably index.php. | ||||
| CVE-1999-0551 | 1 Hp | 1 Openmail | 2026-04-16 | N/A |
| HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests. | ||||
| CVE-2006-2702 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a PC_REMOTE_ADDR HTTP header, which vars.php uses to redefine $_SERVER['REMOTE_ADDR']. | ||||
| CVE-1999-0564 | 2026-04-16 | N/A | ||
| An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled. | ||||
| CVE-2006-2703 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. | ||||
| CVE-2006-2704 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote attackers to read sensitive vulnerability information. | ||||
| CVE-2006-2705 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages. | ||||