Export limit exceeded: 350425 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350425 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1944 | 1 Sibsoft | 1 Communimail | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi. | ||||
| CVE-2006-1945 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732. | ||||
| CVE-2006-1946 | 1 Visale | 1 Visale | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the keyval parameter in pbpgst.cgi, (2) the catsubno parameter in pblscg.cgi, and (3) the listno parameter in pblsmb.cgi. | ||||
| CVE-2006-1947 | 1 Nicplex | 1 Plexum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters. | ||||
| CVE-2006-1948 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient. | ||||
| CVE-2006-1949 | 1 Nicplex | 1 Plexcart | 2026-04-16 | N/A |
| SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2006-1950 | 1 Perlcoders Group | 1 Bannerfarm | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in PerlCoders BannerFarm 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) aff and (2) cat parameters. | ||||
| CVE-2006-1951 | 1 Solarwinds | 1 Tftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in SolarWinds TFTP Server 8.1 and earlier allows remote attackers to download arbitrary files via a crafted GET request including "....//" sequences, which are collapsed into "../" sequences by filtering. | ||||
| CVE-2006-1970 | 1 Kcscripts | 1 Portal Pack | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in KCScripts Classifieds, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. | ||||
| CVE-2006-1971 | 1 Krankikom | 1 Contentboxx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ContentBoxX allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2006-1972 | 1 Wingnut | 1 Easygallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut EasyGallery allows remote attackers to inject arbitrary web script or HTML via the ordner parameter. | ||||
| CVE-2006-1973 | 1 Linksys | 1 Rt31p2 | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages. | ||||
| CVE-2006-1975 | 1 Stadtaus.com | 1 Php-gastebuch | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in PHP-Gastebuch 1.61 allows remote attackers to inject arbitrary web script or HTML via the Kommentar field. | ||||
| CVE-2006-1976 | 1 Geekforgod.net | 1 Prayer Request Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer Request Board (PRB) Beta 1 before 20060320 allows remote attackers to inject arbitrary web script or HTML via the Request field. | ||||
| CVE-2006-1977 | 1 Flexbb | 1 Flexbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) message parameters. | ||||
| CVE-2006-1978 | 1 Flexbb | 1 Flexbb | 2026-04-16 | N/A |
| SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter. | ||||
| CVE-2006-1979 | 1 Manic Web | 1 Mwguest | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter. | ||||
| CVE-2006-1980 | 1 W2b | 1 Online Banking | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter. | ||||
| CVE-2006-1981 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. | ||||
| CVE-2006-1982 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images. | ||||