Export limit exceeded: 345573 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345573 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6838 | 1 Rediff | 1 Bol Downloader Activex Ocx Control | 2025-04-09 | N/A |
| Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter. | ||||
| CVE-2006-6839 | 1 Phpbb Group | 1 Phpbb | 2025-04-09 | N/A |
| Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets." | ||||
| CVE-2006-6840 | 1 Phpbb Group | 1 Phpbb | 2025-04-09 | N/A |
| Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter." | ||||
| CVE-2006-6841 | 1 Phpbb Group | 1 Phpbb | 2025-04-09 | N/A |
| Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors. | ||||
| CVE-2006-6842 | 1 Codemonkeyx | 1 Acronym Mod | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/admin_acronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-6843 | 1 Joomla | 1 Be It Easypartner Component | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! allows remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6844 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form. | ||||
| CVE-2006-6845 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the cntnt01searchinput parameter in a Search action. | ||||
| CVE-2006-6846 | 1 Cybercoded | 1 While You Were Out Inout Board | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the num parameter in (a) phonemessage.asp, (2) the catcode parameter in (b) faqDsp.asp, and the (3) Username and (4) Password fields in (c) login.asp. | ||||
| CVE-2006-6847 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument. | ||||
| CVE-2006-6849 | 1 Cahier De Textes | 1 Cahier De Textes | 2025-04-09 | N/A |
| administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions. | ||||
| CVE-2006-6850 | 1 Shadowed Works | 1 Shadowed Portal | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in include.php in the Roster Module (character_roster) in Shadowed Portal 5.7 allows remote attackers to execute arbitrary PHP code via a URL in the mod_root parameter. | ||||
| CVE-2006-6851 | 1 Mobilelib | 1 Mobilelib Gold | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow remote attackers to inject arbitrary web script or HTML via the (1) email or (2) errr parameter. | ||||
| CVE-2006-6853 | 1 Mozilla | 1 Durian Web Application Server | 2025-04-09 | N/A |
| Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002. | ||||
| CVE-2006-6878 | 1 Php-update | 1 Php-update | 2025-04-09 | N/A |
| admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action. | ||||
| CVE-2006-6854 | 1 De Marchi Daniele | 1 Quickcam | 2025-04-09 | N/A |
| The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickCam VC Linux device driver (aka quickcam-vc) 1.0.9 and earlier does not properly check a boundary, triggering memory corruption, which might allow attackers to execute arbitrary code via a crafted QuickCam object. | ||||
| CVE-2006-6855 | 1 Aidex | 1 Mini-webserver | 2025-04-09 | N/A |
| AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6856 | 1 Webtext | 1 Webtext | 2025-04-09 | N/A |
| Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit (edycja) operation, which is then executed via a direct request for this script. | ||||
| CVE-2006-6857 | 1 Docebolms | 1 Docebolms | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/credits/credits.php in Docebo LMS allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2006-6858 | 1 Miredo | 1 Miredo | 2025-04-09 | N/A |
| Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client. | ||||