Export limit exceeded: 346176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346176 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5652 | 1 Sun | 1 Iplanet Messaging Server Messenger Express | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging Server Messenger Express allows remote attackers to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated by setting the width style for an IMG element. NOTE: this issue might be related to CVE-2006-5486, however due to the vagueness of the initial advisory and different researchers, it has been assigned a new CVE. | ||||
| CVE-2006-5653 | 1 Sun | 1 Java System Messenger Express | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the errorHTML function in the index script in Sun Java System Messenger Express 6 allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: this issue might be related to CVE-2006-5486, however due to the vagueness of the initial advisory and different researchers a new CVE was assigned. | ||||
| CVE-2006-5654 | 1 Sun | 2 Java System Web Server, One Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors. NOTE: due to lack of details from the vendor, it is unclear whether this is related to vector 1 in CVE-2006-5201 or CVE-2006-3127. | ||||
| CVE-2006-5655 | 1 Opendocman | 1 Opendocman | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2006-5657 | 1 Vilistextum | 1 Vilistextum | 2026-04-23 | N/A |
| Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors. | ||||
| CVE-2006-5660 | 1 Cisco | 1 Security Agent Management Center | 2026-04-23 | N/A |
| Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server. | ||||
| CVE-2006-5662 | 1 Evandor | 1 Easy Notesmanager | 2026-04-23 | N/A |
| SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows remote attackers to execute arbitrary SQL commands via (1) the username parameter in login.php and (2) a search on the "search page." | ||||
| CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2026-04-23 | N/A |
| IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | ||||
| CVE-2006-5664 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2026-04-23 | N/A |
| The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | ||||
| CVE-2006-5665 | 1 Spider Friendly | 1 Spider Friendly | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/modules_data.php in the phpBB module Spider Friendly 1.3.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-5667 | 1 P-book | 1 P-book | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pb_lang parameter to (1) admin.php and (2) pbook.php. | ||||
| CVE-2006-5668 | 1 Ampache | 1 Ampache | 2026-04-23 | N/A |
| Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access. | ||||
| CVE-2006-5669 | 1 Gepi | 1 Gepi | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in gestion/savebackup.php in Gepi 1.4.0 and earlier, and possibly other versions before 1.4.4, allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. | ||||
| CVE-2006-5671 | 1 Free Php Scripts | 1 Free Image Hosting | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in contact.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5670 | 1 Free Php Scripts | 1 Free Image Hosting | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. | ||||
| CVE-2006-5672 | 1 Mysource Cms | 1 Mysource Cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in web/init_mysource.php in MySource CMS 2.16.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter. | ||||
| CVE-2006-5673 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter. | ||||
| CVE-2006-5674 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter to (1) bb_func_forums.php, (2) bb_functions.php, or (3) the RSS plugin. | ||||
| CVE-2006-5676 | 1 Uni-vert | 1 Phpleague | 2026-04-23 | N/A |
| SQL injection vulnerability in consult/classement.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the champ parameter. | ||||
| CVE-2006-5677 | 1 Cluster Resources | 1 Torque Resource Manager | 2026-04-23 | N/A |
| resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs. | ||||