Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2612 | 1 Novell | 1 Client | 2025-04-03 | N/A |
| Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt. | ||||
| CVE-2006-2616 | 1 Alstrasoft | 1 Webhost Directory | 2025-04-03 | N/A |
| SQL injection vulnerability in the search script in (1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote attackers to execute arbitrary SQL commands via the uri parameter. | ||||
| CVE-2006-2630 | 1 Symantec | 2 Client Security, Norton Antivirus | 2025-04-03 | N/A |
| Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. | ||||
| CVE-2006-2634 | 1 Neocrome | 1 Seditio | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field. | ||||
| CVE-2006-2638 | 1 Qjstudios | 1 Qjforum | 2025-04-03 | N/A |
| SQL injection vulnerability in member.asp in qjForum allows remote attackers to execute arbitrary SQL commands via the uName parameter. | ||||
| CVE-2006-2646 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | N/A |
| Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a '"' (double quote). | ||||
| CVE-2006-2643 | 1 Circle R | 1 Monster Top List | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter. | ||||
| CVE-2006-2644 | 1 Awstats | 1 Awstats | 2025-04-03 | N/A |
| AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive. | ||||
| CVE-2006-2652 | 1 Wikini | 1 Wikini | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script. | ||||
| CVE-2006-2655 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-3186 | 1 Cms Faethon | 1 Cms Faethon | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3.2 allow remote attackers to inject arbitrary web script or HTML via the mainpath parameter to (1) data/footer.php and (2) admin/header.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3187 | 1 Sharky E-shop | 1 Sharky E-shop | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. NOTE: it is possible that this is resultant from SQL injection or a forced SQL error. | ||||
| CVE-2006-3188 | 1 Sharky E-shop | 1 Sharky E-shop | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3189 | 1 Hotplug Cms | 1 Hotplug Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2006-3194 | 1 Singapore | 1 Singapore | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter. | ||||
| CVE-2006-3192 | 1 Php Web Scripts | 1 Ad Manager Pro | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows remote attackers to execute arbitrary PHP code via a URL in the (1) ipath parameter in common.php and (2) unspecified vectors in ad.php. | ||||
| CVE-2006-3196 | 1 Singapore | 1 Singapore | 2025-04-03 | N/A |
| index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message. | ||||
| CVE-2006-3195 | 1 Singapore | 1 Singapore | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter. | ||||
| CVE-2006-3197 | 1 Invision Power Services | 1 Invision Power Board | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML. | ||||
| CVE-2006-3191 | 1 Tpvgames | 1 Mpcs | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter. | ||||