Export limit exceeded: 364592 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2225 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows remote attackers to execute arbitrary code, probably via a USER command with a long username. | ||||
| CVE-2006-2226 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to cause a denial of service via a long argument to the PORT command. | ||||
| CVE-2006-2227 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 allows remote attackers to inject arbitrary web script or HTML via the req_message parameter, because the value of the redirect_url parameter is not sanitized. | ||||
| CVE-2006-2230 | 1 Xine | 1 Xine | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability. | ||||
| CVE-2006-2231 | 1 Big Webmaster | 1 Big Webmaster Guestbook Script | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi. | ||||
| CVE-2006-2232 | 1 Scriptsez | 1 Cute Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook. | ||||
| CVE-2006-2233 | 1 Banktown | 1 Btcxctl20com Activex Control | 2026-04-16 | N/A |
| Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51817, and possibly 1.5.2.50209, allows remote attackers to execute arbitrary code via a long string in the first argument to SetBannerUrl. NOTE: portions of these details are obtained from third party information. | ||||
| CVE-2006-2234 | 1 Tyrocms | 1 Tyrocms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript URI in an img BBCode tag, or a JavaScript event in a (2) url BBCode tag or (3) color BBCode tag. | ||||
| CVE-2006-2235 | 1 Codemunkyx | 1 Simple Poll | 2026-04-16 | N/A |
| CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is not required for the admin directory, allows remote attackers to gain administrative privileges by appending /admin/ to the top-level URI of the application. | ||||
| CVE-2006-2236 | 1 Id Software | 4 Quake 3 Arena, Quake 3 Engine, Return To Castle Wolfenstein and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command. | ||||
| CVE-2006-2240 | 1 Fujitsu | 4 Netshelter Fw, Netshelter Fw-l, Netshelter Fw-m and 1 more | 2026-04-16 | N/A |
| Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. | ||||
| CVE-2006-2242 | 1 Acftp | 1 Acftp | 2026-04-16 | N/A |
| acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with "{" (brace) characters to the USER command. | ||||
| CVE-2006-2243 | 1 Web4future | 1 News Portal | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News Portal allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) comentarii.php or (2) view.php. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2006-2244 | 1 Web4future | 1 News Portal | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) comentarii.php or (2) view.php. | ||||
| CVE-2006-2246 | 1 Uapplication | 1 Ublog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry. | ||||
| CVE-2006-2261 | 1 Acal | 1 Acal | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2006-2262 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.7 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | ||||
| CVE-2006-2263 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2006-2265 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2266 | 1 Chirpy | 1 Chirpy | 2026-04-16 | N/A |
| SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | ||||