Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2102 | 1 Poweriso | 1 Poweriso | 2025-04-03 | N/A |
| Directory traversal vulnerability in PowerISO 2.9 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image. | ||||
| CVE-2006-2109 | 1 Jsboard | 1 Jsboard | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the parse_query_str function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as demonstrated using the table parameter to login.php. | ||||
| CVE-2006-2121 | 1 I-rater | 1 I-rater Platinum | 2025-04-03 | N/A |
| PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929. | ||||
| CVE-2006-2119 | 1 Artmedic Webdesign | 1 Artmedic Event | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in event/index.php in Artmedic Event allows remote attackers to execute arbitrary code via a URL in the page parameter. | ||||
| CVE-2006-2120 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read. | ||||
| CVE-2006-2117 | 1 Extrosoft | 1 Thyme | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page. | ||||
| CVE-2006-2124 | 1 Turnkey Solutions | 1 Sunshop Shopping Cart | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) itemid, (5) id, and (6) action parameters in index.php. | ||||
| CVE-2006-2129 | 1 Deltascripts | 1 Pro Publish | 2025-04-03 | N/A |
| Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in set_inc.php. | ||||
| CVE-2006-2130 | 1 Advanced Poll | 1 Advanced Poll | 2025-04-03 | N/A |
| SQL injection vulnerability in include/class_poll.php in Advanced Poll 2.0.4 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| CVE-2006-2126 | 1 Avalon Ltd | 1 Maxtrade | 2025-04-03 | N/A |
| SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters. | ||||
| CVE-2006-2135 | 1 Ruperts News | 1 Ruperts News | 2025-04-03 | N/A |
| SQL injection vulnerability in login.php in Ruperts News allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2006-2134 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in /includes/kb_constants.php in Knowledge Base Mod for PHPbb 2.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-2136 | 1 Aznews | 1 Aznews | 2025-04-03 | N/A |
| SQL injection vulnerability in news.php in AZNEWS allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2006-2137 | 1 Openphpnuke | 1 Openphpnuke | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in master.php in OpenPHPNuke and 2.3.3 earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | ||||
| CVE-2006-2138 | 1 Neomail | 1 Neomail | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in neomail.pl in NeoMail 1.29 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter. | ||||
| CVE-2006-2133 | 1 Boonex | 1 Barracuda | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality. | ||||
| CVE-2006-2143 | 1 Jcink | 1 Textfilebb | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) color, (2) size, or (3) url bbcode tags. | ||||
| CVE-2006-2144 | 1 Dmcounter | 1 Dmcounter | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in kopf.php in DMCounter 0.9.2-b allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter. | ||||
| CVE-2006-2145 | 1 Harold Bakker | 1 Hb-ns | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) topic or (2) id parameter. | ||||
| CVE-2006-2146 | 1 Harold Bakker | 1 Hb-ns | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) poster_name, (2) poster_email, (3) poster_homepage, or (4) message parameter. | ||||