Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2087 1 Hitachi 4 Groupmax Integrated Desktop, Groupmax Mail, Groupmax World Wide Web and 1 more 2026-04-16 N/A
The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote attackers to cause a denial of service (application hang or erroneous behavior) via an attachment with an MS-DOS device filename.
CVE-2006-2088 1 Devsyn 1 Open Bulletin Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open Bulletin Board (OpenBB) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via (1) the FID parameter in board.php and (2) the TID parameter in read.php. NOTE: the SQL injection issues are already covered by CVE-2005-1612 (read.php) and CVE-2005-2566 (board.php).
CVE-2006-2089 1 Mysmartbb 1 Mysmartbb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
CVE-2006-2091 1 Vwar 1 Virtual War 2026-04-16 N/A
admin.php in Virtual War (VWar) 1.5 and versions before 1.2 allows remote attackers to obtain sensitive information via an invalid vwar_root parameter, which reveals the path in an error message.
CVE-2006-2092 1 Hp 1 Storageworks Secure Path Windows 2026-04-16 N/A
Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows remote attackers to cause an unspecified denial of service via unknown vectors.
CVE-2006-2096 1 Neocrome 1 Land Down Under 2026-04-16 N/A
plug.php in Land Down Under (LDU) 802 and earlier allows remote attackers to obtain sensitive information via an invalid (1) month or (2) year parameter, which reveals the path in an error message.
CVE-2006-2097 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
SQL injection vulnerability in func_msg.php in Invision Power Board (IPB) 2.1.4 allows remote attackers to execute arbitrary SQL commands via the from_contact field in a private message (PM).
CVE-2006-2098 1 Php Thumbnail Autoindex 1 Php Thumbnail Autoindex 2026-04-16 N/A
PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to execute arbitrary PHP code via (1) README.html or (2) HEADER.html.
CVE-2006-2099 1 Ezb Systems 1 Ultraiso 2026-04-16 N/A
Directory traversal vulnerability in UltraISO 8.0.0.1392 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image.
CVE-2006-2100 1 Magic Iso Maker 1 Magic Iso Maker 2026-04-16 N/A
Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image.
CVE-2006-2102 1 Poweriso 1 Poweriso 2026-04-16 N/A
Directory traversal vulnerability in PowerISO 2.9 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image.
CVE-2006-2104 1 Kmail 1 Kmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email System (kmail) 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) d parameter to main.php, ordner parameter to (2) main.php, or (3) webdisk.php, (4) draft parameter to compose.php, or (5) m, or (6) y parameter to calendar.php.
CVE-2006-2105 1 Jupiter Cms 1 Jupiter Cms 2026-04-16 N/A
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attackers to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter.
CVE-2006-2106 1 Edgewall Software 1 Trac 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Edgewall Software Trac 0.9.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors related to a "wiki macro."
CVE-2006-2109 1 Jsboard 1 Jsboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the parse_query_str function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as demonstrated using the table parameter to login.php.
CVE-2006-2110 1 Virtual Private Server 1 Vserver 2026-04-16 N/A
Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root.
CVE-2006-2114 1 Sws 1 Sws Simple Web Server 2026-04-16 N/A
Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long request.
CVE-2006-2115 1 Sws 1 Sws Simple Web Server 2026-04-16 N/A
Format string vulnerability in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via unspecified vectors that are not properly handled in a syslog function call.
CVE-2006-2116 1 Planet Concept 1 Planetgallery 2026-04-16 N/A
planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php.
CVE-2006-2117 1 Extrosoft 1 Thyme 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page.