Export limit exceeded: 355315 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355315 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5839 | 1 Phpadventure | 1 Phpadventure | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in ad_main.php in PHPAdventure 1.1-Alpha and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _mygamefile parameter. | ||||
| CVE-2006-5841 | 1 Dodos Scripts | 1 Dodosmail | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in DodosMail 2.0.1 and earlier, and possibly 2.1, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dodosmail_header_file or (2) dodosmail_footer_file parameters. | ||||
| CVE-2006-5842 | 1 Unicore | 1 Unicore Client | 2026-04-23 | N/A |
| The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information. | ||||
| CVE-2006-5843 | 1 Speedywiki | 1 Speedywiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Speedywiki 2.0 allows remote attackers to inject arbitrary web script or HTML via the showRevisions parameter. | ||||
| CVE-2006-5869 | 1 Pstotext | 1 Pstotext | 2026-04-23 | N/A |
| pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name. | ||||
| CVE-2006-5844 | 1 Speedywiki | 1 Speedywiki | 2026-04-23 | N/A |
| Speedywiki 2.0 allows remote attackers to obtain the full path of the web server via the (1) showRevisions[] and (2) searchText[] parameters in (a) index.php, and (b) a direct request to upload.php without any parameters. | ||||
| CVE-2006-5845 | 1 Speedywiki | 1 Speedywiki | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated users to upload and execute arbitrary PHP code by setting the upload parameter to 1. | ||||
| CVE-2006-5846 | 1 Freewebshop | 1 Freewebshop | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773. | ||||
| CVE-2006-5847 | 1 Freewebshop | 1 Freewebshop | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | ||||
| CVE-2006-5849 | 1 Irayoblog | 1 Irayoblog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in inc/irayofuncs.php in IrayoBlog alpha-0.2.4 allows remote attackers to execute arbitrary PHP code via a URL in the irayodirhack parameter. | ||||
| CVE-2006-5850 | 1 Essen | 1 Essentia Web Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in Essentia Web Server 2.15 for Windows allows remote attackers to execute arbitrary code via a long URI, as demonstrated by a GET or HEAD request. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5851 | 1 Openbase International Ltd | 1 Openbase | 2026-04-23 | N/A |
| openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328. | ||||
| CVE-2006-5852 | 1 Openbase International Ltd | 1 Openbase | 2026-04-23 | N/A |
| Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors than CVE-2006-5327. | ||||
| CVE-2006-5853 | 1 Immediacy | 1 Immediacy .net Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in logon.aspx in Immediacy CMS (Immediacy .NET CMS) 5.2 allows remote attackers to inject arbitrary web script or HTML via the lang parameter, which is returned to the client in a lang cookie. | ||||
| CVE-2006-5854 | 1 Novell | 1 Netware Client | 2026-04-23 | N/A |
| Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions. | ||||
| CVE-2006-5855 | 1 Ibm | 1 Tivoli Storage Manager | 2026-04-23 | N/A |
| Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message. | ||||
| CVE-2006-5856 | 1 Adobe | 1 Download Manager | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file. | ||||
| CVE-2006-5857 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2026-04-23 | N/A |
| Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. | ||||
| CVE-2006-5858 | 2 Adobe, Microsoft | 3 Coldfusion, Jrun, Internet Information Services | 2026-04-23 | N/A |
| Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file. | ||||
| CVE-2006-5859 | 1 Adobe | 1 Coldfusion | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1, when Global Script Protection is not enabled, allows remote attackers to inject arbitrary HTML and web script via unknown vectors, possibly related to Linkdirect.cfm, Topnav.cfm, and Welcomedoc.cfm. | ||||