Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5483 1 Freebsd 1 Freebsd 2025-04-09 N/A
p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.
CVE-2006-5491 1 Ceary 1 Ultracms 2025-04-09 N/A
Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
CVE-2006-5490 1 Middlebury College 1 Segue Cms 2025-04-09 N/A
Multiple SQL injection vulnerabilities in Segue Content Management System (CMS) before 1.5.8 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2006-5502 1 Aol 1 Aol 2025-04-09 N/A
Heap-based buffer overflow in the AOL.PicDownloadCtrl.1 ActiveX control (YGPPicDownload.dll) 9.2.3.0 in America Online (AOL) 9.0 Security Edition allows remote attackers to execute arbitrary code via the AddPictureNoAlbum method, a different vulnerability than CVE-2006-5501.
CVE-2006-5503 1 Simple Machines 1 Simple Machines Forum 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in index.php in Simple Machines Forum (SMF) 1.1 RC2 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
CVE-2006-5510 1 Bluevirus-design 1 Ph Pexplorer 2025-04-09 N/A
Directory traversal vulnerability in explorer_load_lang.php in PH Pexplorer 0.24 allows remote attackers to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code.
CVE-2006-6116 1 Fipsasp 1 Fipsforum 2025-04-09 N/A
SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2006-6179 1 Trend Micro 1 Officescan 2025-04-09 N/A
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2006-6205 1 Enthrallweb 1 Ehomes 2025-04-09 N/A
Multiple cross-site scripting (XSS) vulnerabilities in result.asp in Enthrallweb eHomes allow remote attackers to inject arbitrary web script or HTML via the (1) city or (2) State parameter.
CVE-2006-6223 1 Google 2 Mini Search Appliance, Search Appliance 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded q parameter.
CVE-2006-6224 1 Puntal 1 Puntal 2025-04-09 N/A
PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.
CVE-2006-6232 1 Dreamcost 1 Dreamaccount 2025-04-09 N/A
PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
CVE-2006-6231 1 Vubb 1 Vubb 2025-04-09 N/A
vuBB 0.2.1 and earlier allows remote attackers to obtain sensitive information via a direct request to includes/vubb.php, which leaks the path in an error message.
CVE-2006-6250 1 Songbird 1 Songbird Media Player 2025-04-09 N/A
Format string vulnerability in Songbird Media Player 0.2 and earlier allows remote attackers to cause a denial of service (crash) via an M3U Playlist file containing extended ASCII, which causes the Unicode converter to be invoked.
CVE-2006-6266 1 Microsoft 1 Teredo 2025-04-09 N/A
Teredo clients, when following item 6 of RFC4380 section 5.2.3, start direct IPv6 connectivity tests (aka ping tests) in response to packets from non-Teredo source addresses, which might allow remote attackers to induce Teredo clients to send packets to third parties.
CVE-2006-6279 1 Alexphpteam 1 Alex Guestbook 2025-04-09 N/A
index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain sensitive information via a skin parameter referencing a nonexistent skin, which reveals the installation path in an error message.
CVE-2006-6277 1 Contentserv 1 Contentserv 2025-04-09 N/A
Directory traversal vulnerability in admin/FileServer.php in ContentServ 4.x allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter, a different vector than CVE-2005-3086.
CVE-2006-6287 1 Atomix Productions 1 Atomixmp3 2025-04-09 N/A
Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote attackers to execute arbitrary code via a long pathname in an M3U file.
CVE-2006-6294 1 Frisk Software 1 F-prot Antivirus 2025-04-09 N/A
Multiple unspecified vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 have unspecified impact and attack vectors. NOTE: this might be related to CVE-2006-6293, but it is not clear due to the vagueness of the report.