Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4464 | 1 Nokia | 1 Symbian | 2025-04-03 | N/A |
| The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a denial of service (crash) via JavaScript that constructs a large Unicode string. | ||||
| CVE-2006-4461 | 1 Paessler | 1 Ipcheck Server Monitor | 2025-04-03 | N/A |
| Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors. | ||||
| CVE-2006-4473 | 1 Joomla | 1 Joomla | 2025-04-03 | N/A |
| Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks. | ||||
| CVE-2006-4479 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the subgroupname parameter. | ||||
| CVE-2006-4481 | 1 Php | 1 Php | 2025-04-03 | N/A |
| The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017. | ||||
| CVE-2006-4489 | 1 Ultrize | 1 Minibill | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07-14 (1.2.2) allow remote attackers to execute arbitrary PHP code via (1) a URL in the config[include_dir] parameter in actions/ipn.php or (2) an FTP path in the config[plugin_dir] parameter in include/initPlugins.php. | ||||
| CVE-2006-4488 | 1 Exbb | 1 Exbb Italia | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in modules/userstop/userstop.php in ExBB Italia 0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the exbb[home_path] parameter. | ||||
| CVE-2006-4496 | 1 Iwebnegar | 1 Iwebnegar | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment parameter. | ||||
| CVE-2006-4499 | 1 Moderngigabyte | 1 Modernbill | 2025-04-03 | N/A |
| ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack. | ||||
| CVE-2006-4505 | 1 Nx5 | 1 Nx5linx | 2025-04-03 | N/A |
| CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter. | ||||
| CVE-2006-4501 | 1 Ztml | 1 Ezportal Ztml Cms | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) about, (2) album, (3) id, (4) use, (5) desc, (6) doc, (7) mname, (8) max, and possibly other parameters. | ||||
| CVE-2006-4502 | 1 Ztml | 1 Ezportal Ztml Cms | 2025-04-03 | N/A |
| ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication controls via a direct request to the "Administration Area" script. | ||||
| CVE-2006-4503 | 1 Nx5 | 1 Nx5linx | 2025-04-03 | N/A |
| Directory traversal vulnerability in link.php in NX5Linx 1.0 allows remote attackers to read arbitrary files via the logo parameter. | ||||
| CVE-2006-4529 | 1 Membrepass | 1 Membrepass | 2025-04-03 | N/A |
| SQL injection vulnerability in recherchemembre.php in membrepass 1.5. allows remote attackers to execute arbitrary SQL commands via the recherche parameter. | ||||
| CVE-2006-4530 | 1 Membrepass | 1 Membrepass | 2025-04-03 | N/A |
| Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php. | ||||
| CVE-2006-4531 | 1 Bare Concept Media | 1 Pheap Cms | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. | ||||
| CVE-2006-4539 | 1 Cerberus | 1 Cerberus Helpdesk | 2025-04-03 | N/A |
| (1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-4540 | 1 Learn.com | 1 Learncenter | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2006-4547 | 1 Lyris | 1 List Manager | 2025-04-03 | N/A |
| Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQL error or SQL injection. | ||||
| CVE-2006-4563 | 1 Phpnuke | 1 Myheadlines | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php. | ||||