Export limit exceeded: 29944 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6553 | 1 Mxbb | 1 Mxbb Newssuite | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | ||||
| CVE-2006-6555 | 1 Easyfill | 1 Easyfill | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in EasyFill before 0.5.1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-6556 | 1 Eyeos | 1 Eyeos | 2026-04-23 | N/A |
| The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation. | ||||
| CVE-2006-6557 | 1 Skulls | 1 Skulls | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Skulls! before 0.2.6 have unknown impact and attack vectors, as addressed by "Many security fixes." | ||||
| CVE-2006-6558 | 1 Crob | 1 Crob Ftp Server | 2026-04-23 | N/A |
| Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command. | ||||
| CVE-2006-6559 | 1 Lotfian | 1 Request For Travel | 2026-04-23 | N/A |
| SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter. | ||||
| CVE-2006-6560 | 1 Mxbb | 1 Modsdb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/common.php in the mx_modsdb 1.0.0 module for MxBB (aka MX-System) Portal allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-6563 | 1 Proftpd Project | 1 Proftpd | 2026-04-23 | N/A |
| Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value. | ||||
| CVE-2006-6566 | 1 Mxbb | 1 Mxbb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-6567 | 1 Mxbb | 1 Kb Mods | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-6568 | 1 Mxbb | 1 Kb Mods | 2026-04-23 | N/A |
| Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the phpEx parameter. | ||||
| CVE-2006-6569 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter. | ||||
| CVE-2006-6570 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action. | ||||
| CVE-2006-6571 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in form.php in GenesisTrader 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cuve, (2) chem, (3) do, and possibly other parameters. | ||||
| CVE-2006-6572 | 1 Citrix | 1 Access Gateway | 2026-04-23 | N/A |
| Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114, when the Browser-Only access feature is enabled, allows remote authenticated users to bypass access policies via a certain login method, a different issue than CVE-2006-4846. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6573 | 1 Citrix | 1 Access Gateway | 2026-04-23 | N/A |
| Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Access Control (AAC) 4.2, when deployed on the Access Gateway appliance 4.2 through 4.2.2 allows remote authenticated users to "gain access to data" and obtain sensitive information via unspecified vectors. | ||||
| CVE-2006-6574 | 1 Mantis | 1 Mantis | 2026-04-23 | N/A |
| Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field. | ||||
| CVE-2006-6575 | 1 Brian Drawert | 1 Yaplap | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the LOGIN_style parameter. | ||||
| CVE-2006-6577 | 1 Neocrome | 2 Land Down Under, Seditio | 2026-04-23 | N/A |
| SQL injection vulnerability in polls.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-6579 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-23 | N/A |
| Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine. | ||||