Export limit exceeded: 344947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344947 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4498 | 1 Phpalbum.net | 1 Phpalbum | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in sommaire_admin.php in PhpAlbum (mod_phpalbum) 2.15 for PortailPHP allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter, a different vector than CVE-2006-3922. | ||||
| CVE-2006-4506 | 1 Netiq | 1 Identity Manager | 2026-04-16 | N/A |
| idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | ||||
| CVE-2006-4507 | 1 Sony | 1 Playstation Portable | 2026-04-16 | N/A |
| Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TIFF images. NOTE: due to lack of details, it is not clear whether this is related to other issues such as CVE-2006-3464 or CVE-2006-3465. | ||||
| CVE-2006-4508 | 2 Scatterchat, Tor | 2 Scatterchat, Tor | 2026-04-16 | N/A |
| Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) ScatterChat before 1.0.2, allows remote attackers operating a Tor entry node to route arbitrary Tor traffic through clients or cause a denial of service (flood) via unspecified vectors. | ||||
| CVE-2006-4523 | 1 2wire Inc | 2 Homeportal, Officeportal | 2026-04-16 | N/A |
| The web-based management interface in 2Wire, Inc. HomePortal and OfficePortal Series modems and routers allows remote attackers to cause a denial of service (crash) via a CRLF sequence in a GET request. | ||||
| CVE-2006-4524 | 1 Digiappz | 1 Freekot | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-4525 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the links array. | ||||
| CVE-2006-4526 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the searchArray[] parameter. | ||||
| CVE-2006-4527 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allows remote attackers to conduct PHP remote file inclusion attacks. | ||||
| CVE-2006-4528 | 1 Membrepass | 1 Membrepass | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) recherche parameter in recherchemembre.php and the (2) email parameter in test.php. | ||||
| CVE-2006-4529 | 1 Membrepass | 1 Membrepass | 2026-04-16 | N/A |
| SQL injection vulnerability in recherchemembre.php in membrepass 1.5. allows remote attackers to execute arbitrary SQL commands via the recherche parameter. | ||||
| CVE-2006-4530 | 1 Membrepass | 1 Membrepass | 2026-04-16 | N/A |
| Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php. | ||||
| CVE-2006-4531 | 1 Bare Concept Media | 1 Pheap Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. | ||||
| CVE-2006-4532 | 1 Bernard Pacques | 1 Yet Another Community System Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter. | ||||
| CVE-2006-4534 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with names including Trojan.Mdropper.Q, Mofei, and Femo. | ||||
| CVE-2006-4535 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch. | ||||
| CVE-2006-0463 | 1 Ideosoft Design | 1 Ideocontent Manager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in IdeoContent Manager allows remote attackers to inject arbitrary web script or HTML via the (1) goto_id parameter to index.php or (2) page parameter to news_full.php. | ||||
| CVE-2006-0464 | 1 Ideosoft Design | 1 Ideocontent Manager | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in IdeoContent Manager allow remote attackers to execute arbitrary SQL commands via the (1) goto_id or (2) mid parameter. | ||||
| CVE-2006-0465 | 1 Active121 | 1 Site Manager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in active121 Site Manager allows remote attackers to inject arbitrary web script or HTML via the cerca parameter. | ||||
| CVE-2006-0466 | 1 Goldstag | 1 Goldstag Content Management System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows remote attackers to inject arbitrary web script or HTML via the text parameter. | ||||