Export limit exceeded: 29926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29926 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1551 | 1 Georges Auberger | 1 Pajax | 2026-04-16 | N/A |
| Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | ||||
| CVE-2006-1553 | 1 Tachyon | 1 Vsns Lemon | 2026-04-16 | N/A |
| SQL injection vulnerability in functions/final_functions.php in VSNS Lemon 3.2.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-1554 | 1 Tachyon | 1 Vsns Lemon | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment. | ||||
| CVE-2006-1555 | 1 Tachyon | 1 Vsns Lemon | 2026-04-16 | N/A |
| VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic. | ||||
| CVE-2006-1556 | 1 Al-caricatier | 1 Al-caricatier | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) CatName, (2) CaricatierID, or (3) CatID parameter. | ||||
| CVE-2006-1557 | 1 Skintech | 1 X-changer | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary SQL commands via the (1) from and (2) into parameters in a calculate action, and the (3) id parameter in an edit action to index.php. | ||||
| CVE-2006-1560 | 1 Skintech | 1 Phpnewsmanager | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php, and (e) possibly other unspecified scripts. NOTE: portions of the description details are obtained from third party information. | ||||
| CVE-2006-1578 | 1 Index Data Aps | 1 Keystone Digital Library Suite | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Keystone Digital Library Suite (DLS) 1.5.4 and earlier allow remote attackers to execute arbitrary SQL commands via the subject_type_id parameter in (1) the index page and (2) the search module. | ||||
| CVE-2006-1580 | 1 Websina | 1 Bugzero | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp. | ||||
| CVE-2006-1581 | 1 Blanknberg | 1 Blanknberg | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the _path parameter. | ||||
| CVE-2006-1582 | 1 Blanknberg | 1 Blanknberg | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. NOTE: this might be resultant from the directory traversal issue. | ||||
| CVE-2006-1592 | 2 X-doom, Zdaemon | 2 X-doom, Zdaemon | 2026-04-16 | N/A |
| Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom allows remote attackers to execute arbitrary code via a long filename argument. | ||||
| CVE-2006-2114 | 1 Sws | 1 Sws Simple Web Server | 2026-04-16 | N/A |
| Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long request. | ||||
| CVE-2006-2115 | 1 Sws | 1 Sws Simple Web Server | 2026-04-16 | N/A |
| Format string vulnerability in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via unspecified vectors that are not properly handled in a syslog function call. | ||||
| CVE-2006-2116 | 1 Planet Concept | 1 Planetgallery | 2026-04-16 | N/A |
| planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php. | ||||
| CVE-2006-2117 | 1 Extrosoft | 1 Thyme | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page. | ||||
| CVE-2006-2121 | 1 I-rater | 1 I-rater Platinum | 2026-04-16 | N/A |
| PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929. | ||||
| CVE-2006-2123 | 1 Network Administration Visualized | 1 Network Administration Visualized | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the report interface in Network Administration Visualized (NAV) before 3.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2006-2126 | 1 Avalon Ltd | 1 Maxtrade | 2026-04-16 | N/A |
| SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters. | ||||
| CVE-2006-2127 | 1 Blog Mod | 1 Blog Mod | 2026-04-16 | N/A |
| SQL injection vulnerability in weblog_posting.php in Blog Mod 0.2.x allows remote attackers to execute arbitrary SQL commands via the r parameter. | ||||