Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2603 | 1 My Image Gallery | 1 My Image Gallery | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. | ||||
| CVE-2006-3584 | 1 Jetbox | 1 Jetbox Cms | 2025-04-03 | N/A |
| Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables. | ||||
| CVE-2006-3599 | 1 Php-nuke | 1 Advanced Classified Module | 2025-04-03 | N/A |
| SQL injection vulnerability in the Nuke Advanced Classifieds module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_ads parameter in an EditAds op. | ||||
| CVE-2006-3601 | 1 Dotnetnuke | 1 Dotnetnuke | 2025-04-03 | N/A |
| ** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack against the Microsoft France web site. NOTE: due to the lack of details and uncertainty about which product is affected, this claim is not independently verifiable. | ||||
| CVE-2006-3597 | 1 Ubuntu | 1 Ubuntu Linux | 2025-04-03 | N/A |
| passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory. | ||||
| CVE-2006-3603 | 1 Seyeon | 1 Flexwatch Network Camera | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2005-2610 | 1 Vegadns | 1 Vegadns | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2006-3621 | 1 Dream4 | 1 Koobi Pro | 2025-04-03 | N/A |
| SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter. | ||||
| CVE-2005-1696 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.750 and 0.760RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) skin or (2) paletteid parameter to demo.php in the Xanthia module, or (3) the serverName parameter to config.php in the Multisites (aka NS-Multisites) module. | ||||
| CVE-2005-1703 | 1 Black Cactus | 1 Warrior Kings Battles | 2025-04-03 | N/A |
| Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference. | ||||
| CVE-2006-3667 | 1 Sybase | 1 Financial Fusion Consumer Banking Solution | 2025-04-03 | N/A |
| Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors. | ||||
| CVE-2006-3673 | 1 Armagetron | 1 Armagetron Advanced | 2025-04-03 | N/A |
| nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (application crash) via a large owner value, which causes an assert error. | ||||
| CVE-2006-3674 | 1 Armagetron | 1 Armagetron Advanced | 2025-04-03 | N/A |
| nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a large number handled by the id_req_handler function. | ||||
| CVE-2006-3672 | 1 Kde | 1 Konqueror | 2025-04-03 | N/A |
| KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument. | ||||
| CVE-2006-3675 | 1 Counterpane | 1 Passwordsafe | 2025-04-03 | N/A |
| Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents. | ||||
| CVE-2005-1707 | 1 Gentoo | 1 Linux Webapp-config | 2025-04-03 | N/A |
| The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file. | ||||
| CVE-2006-3721 | 1 Oracle | 1 Enterprise Manager | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors, aka Oracle Vuln# EM03 and EM04. | ||||
| CVE-2006-3722 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-03 | N/A |
| Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8.4 Bundle #16, 8.8 Bundle #10, and 8.9 Bundle #3 has unknown impact and attack vectors, aka Oracle Vuln# PSE01. | ||||
| CVE-1999-0076 | 1 Washington University | 1 Wu-ftpd | 2025-04-03 | N/A |
| Buffer overflow in wu-ftp from PASV command causes a core dump. | ||||
| CVE-2006-3766 | 1 Darrens 5-dollar Script Archive | 1 Osdate | 2025-04-03 | N/A |
| Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10. | ||||