Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6819 1 Alstrasoft 1 Webhost Directory 2026-04-23 N/A
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db.
CVE-2006-6817 1 Alstrasoft 1 Webhost Directory 2026-04-23 N/A
AlstraSoft Web Host Directory allows remote attackers to obtain sensitive information by requesting any invalid URI, which reveals the path in an error message, a different vulnerability than CVE-2006-2617.
CVE-2006-6818 1 Alstrasoft 1 Webhost Directory 2026-04-23 N/A
AlstraSoft Web Host Directory allows remote attackers to bypass authentication and change the admin password via a direct request to admin/config.
CVE-2006-6821 1 Enthrallweb 1 Enews 2026-04-23 N/A
myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
CVE-2006-6833 1 Joomla 1 Joomla 2026-04-23 N/A
com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors.
CVE-2006-6835 1 Neocrome 1 Land Down Under 2026-04-23 N/A
SQL injection vulnerability in Journal.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the w parameter to journal.php.
CVE-2006-6839 1 Phpbb Group 1 Phpbb 2026-04-23 N/A
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
CVE-2006-6840 1 Phpbb Group 1 Phpbb 2026-04-23 N/A
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
CVE-2006-6841 1 Phpbb Group 1 Phpbb 2026-04-23 N/A
Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
CVE-2006-6843 1 Joomla 1 Be It Easypartner Component 2026-04-23 N/A
PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! allows remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-6844 1 Cmsmadesimple 1 Cms Made Simple 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form.
CVE-2006-6845 1 Cmsmadesimple 1 Cms Made Simple 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the cntnt01searchinput parameter in a Search action.
CVE-2006-6849 1 Cahier De Textes 1 Cahier De Textes 2026-04-23 N/A
administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions.
CVE-2006-6851 1 Mobilelib 1 Mobilelib Gold 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow remote attackers to inject arbitrary web script or HTML via the (1) email or (2) errr parameter.
CVE-2006-6878 1 Php-update 1 Php-update 2026-04-23 N/A
admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action.
CVE-2006-7131 1 Jinzora 1 Jinzora 2026-04-23 N/A
PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2.6 allows remote attackers to execute arbitrary PHP code via the web_root parameter.
CVE-2006-7135 1 Php Poll Creator 1 Php Poll Creator 2026-04-23 N/A
PHP remote file inclusion vulnerability in lib/functions.inc.php in PHP Poll Creator (phpPC) 1.04 allows remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter, a different vector and version than CVE-2005-1755. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7136 1 Phppc 1 Php Poll Creator 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755.
CVE-2006-7137 1 Tiny Portal 1 Tiny Portal 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in TinyPortal before 0.8.6 allows remote attackers to inject arbitrary web script or HTML via the shoutbox.
CVE-2006-7140 1 Sun 2 Solaris, Sunos 2026-04-23 N/A
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.