Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0862 | 1 Infovista | 1 Portalse | 2025-04-03 | N/A |
| Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL. | ||||
| CVE-2006-0864 | 1 Hauri | 1 Virobot | 2025-04-03 | N/A |
| filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value. | ||||
| CVE-2006-0881 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php. | ||||
| CVE-2006-0882 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2025-04-03 | N/A |
| Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php. | ||||
| CVE-2006-0885 | 1 Cutephp | 1 Cutenews | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the show parameter. | ||||
| CVE-2005-1547 | 1 Bakbone | 1 Netvault | 2025-04-03 | N/A |
| Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031. | ||||
| CVE-2006-0892 | 1 Nocc | 1 Nocc | 2025-04-03 | N/A |
| NOCC Webmail 1.0 stores e-mail attachments in temporary files with predictable filenames, which makes it easier for remote attackers to execute arbitrary code by accessing the e-mail attachment via directory traversal vulnerabilities. | ||||
| CVE-2006-0893 | 1 Nocc | 1 Nocc | 2025-04-03 | N/A |
| NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) the tmp directory, which lists names of uploaded attachments. | ||||
| CVE-2006-0895 | 1 Nocc | 1 Nocc | 2025-04-03 | N/A |
| NOCC Webmail 1.0 allows remote attackers to obtain the installation path via a direct request to html/header.php. | ||||
| CVE-2006-0918 | 1 Ritlabs | 1 The Bat | 2025-04-03 | N/A |
| Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field. | ||||
| CVE-2006-0919 | 1 Oi | 1 Email Marketing System | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php (aka the login page) in Oi! Email Marketing System 3.0 (aka Oi! 3) allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | ||||
| CVE-2006-0920 | 1 Oi | 1 Email Marketing System | 2025-04-03 | N/A |
| Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a Configuration web page, which allows local users with superadministrator privileges, or attackers who have obtained access to the web page, to view the password. | ||||
| CVE-2006-0937 | 1 Unu Networks | 1 Mailgust | 2025-04-03 | N/A |
| U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive information via a direct request to index.php with method=showfullcsv, which reveals the POP3 server configuration, including account name and password. | ||||
| CVE-2006-0940 | 1 Cynical Games | 1 Shoutlive | 2025-04-03 | N/A |
| Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php. | ||||
| CVE-2006-0973 | 1 Phpwebsite | 1 Phpwebsite | 2025-04-03 | N/A |
| SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter. | ||||
| CVE-2006-0962 | 1 Vubb | 1 Vubb | 2025-04-03 | N/A |
| SQL injection vulnerability in vuBB 0.2 allows remote attackers to execute arbitrary SQL commands via the pass parameter in a cookie. | ||||
| CVE-2006-0979 | 1 Nidelven It | 1 Issue Dealer | 2025-04-03 | N/A |
| Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors. | ||||
| CVE-2006-0981 | 1 E-merge | 1 E-merge Winace | 2025-04-03 | N/A |
| Directory traversal vulnerability in e-merge WinAce 2.6 and earlier allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a (1) zip or (2) tar archive. | ||||
| CVE-2006-0982 | 1 Mcafee | 1 Virex | 2025-04-03 | N/A |
| The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate when malicious content is accessed from the web browser, and might not prevent the content from being saved, which allows remote attackers to bypass virus protection, as demonstrated using the EICAR test file. | ||||
| CVE-2006-1000 | 1 G2soft | 1 Pentacle In-out Board | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp. | ||||