Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1028 | 1 Joomla | 1 Joomla | 2025-04-03 | N/A |
| feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | ||||
| CVE-2006-1030 | 1 Joomla | 1 Joomla | 2025-04-03 | N/A |
| Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. | ||||
| CVE-2006-1027 | 1 Joomla | 1 Joomla | 2025-04-03 | N/A |
| feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. | ||||
| CVE-2006-1037 | 1 Oracle | 2 Diagnostics, E-business Suite | 2025-04-03 | N/A |
| SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-1038 | 1 Van Dyke Technologies | 2 Securecrt, Securefx | 2025-04-03 | N/A |
| Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string. | ||||
| CVE-2006-1036 | 1 Oracle | 1 Diagnostics | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | ||||
| CVE-2006-1042 | 1 Gregarius | 1 Gregarius | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php. | ||||
| CVE-2006-1047 | 1 Joomla | 1 Joomla | 2025-04-03 | N/A |
| Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. | ||||
| CVE-2006-1321 | 1 Webcheck | 1 Webcheck | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in webcheck before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the (1) url, (2) title, or (3) author name in a crawled page, which is not properly sanitized in the tooltips of a report. | ||||
| CVE-2006-1320 | 1 Rssh | 1 Rssh | 2025-04-03 | N/A |
| util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf. | ||||
| CVE-2006-1315 | 1 Microsoft | 1 Server Service | 2025-04-03 | N/A |
| The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability." | ||||
| CVE-2006-1325 | 1 Streber | 1 Streber | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Streber 0.055 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2006-1324 | 1 Woltlab | 1 Burning Board | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated. | ||||
| CVE-2006-1327 | 1 Softbb | 1 Softbb | 2025-04-03 | N/A |
| SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter. | ||||
| CVE-2006-1334 | 1 Maian Script World | 1 Maian Weblog | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php. | ||||
| CVE-2006-1336 | 1 Extcalendar | 1 Extcalendar | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 and possibly other versions before 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) year, (2) month, (3) next, and (4) prev parameters. | ||||
| CVE-2006-1576 | 1 Vscripts.pl | 1 Qlnews | 2025-04-03 | N/A |
| Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php. | ||||
| CVE-2006-1341 | 1 Maian Events | 1 Maian Events | 2025-04-03 | N/A |
| SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. | ||||
| CVE-2006-1350 | 1 Articlesone | 1 99articles Directory | 2025-04-03 | N/A |
| PHP remote file include vulnerability in index.php in 99Articles.com (aka ArticlesOne.com) Free articles directory allows remote attackers to include and execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2006-1351 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| BEA WebLogic Server 6.1 SP7 and earlier allows remote attackers to read arbitrary files via unknown attack vectors related to a "default internal servlet" accessed through HTTP. | ||||