Export limit exceeded: 345004 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345004 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345004 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2909 | 1 Picozip | 1 Picozip | 2026-04-16 | N/A |
| Stack-based buffer overflow in the info tip shell extension (zipinfo.dll) in PicoZip 4.01 allows remote attackers to execute arbitrary code via a long filename in an (1) ACE, (2) RAR, or (3) ZIP archive, which is triggered when the user moves the mouse over the archive. | ||||
| CVE-2006-3101 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters. | ||||
| CVE-2006-2682 | 1 Back-end | 1 Back-end Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _PSL[classdir] parameter. | ||||
| CVE-2006-2910 | 1 Cowon America | 1 Jetaudio | 2026-04-16 | N/A |
| Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed. | ||||
| CVE-2006-2683 | 1 Open-medium | 1 Open-medium Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in 404.php in open-medium.CMS 0.25 allows remote attackers to execute arbitrary PHP code via a URL in the REDSYS[MYPATH][TEMPLATES] parameter. | ||||
| CVE-2006-2911 | 1 Hotwebscripts | 1 Cms Mundo | 2026-04-16 | N/A |
| SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2006-2684 | 1 Hotwebscripts | 1 Cms Mundo | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. | ||||
| CVE-2006-2687 | 1 Agtc Websolutions | 1 Php-agtc Membership System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in adduser.php in PHP-AGTC Membership System 1.1a and earlier allows remote attackers to inject arbitrary web script or HTML via the email address (useremail parameter). | ||||
| CVE-2006-2688 | 1 Achievo | 1 Achievo | 2026-04-16 | N/A |
| SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier and 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the atkselector parameter. | ||||
| CVE-2006-2690 | 1 Eva-web | 1 Eva-web | 2026-04-16 | N/A |
| An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid (1) perso or (2) aide parameters. | ||||
| CVE-2006-2691 | 1 Amule | 1 Amule | 2026-04-16 | N/A |
| Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors. | ||||
| CVE-2006-2692 | 1 Amule | 1 Amule | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal. | ||||
| CVE-2006-2693 | 1 Nivisec | 1 Hacks List | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter. | ||||
| CVE-2006-2912 | 1 Out Of The Trees Web Design | 1 Selectapix | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SelectaPix 1.31 allow remote attackers to execute arbitrary SQL commands via the (1) albumID parameter to (a) view_album.php or (b) index.php, (2) imageID parameter to (c) popup.php, or (3) username and (4) password parameters to (d) admin/member.php. | ||||
| CVE-2006-2694 | 1 Scriptscenter | 1 Ezupload Pro | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) form.php, (2) customize.php, and (3) initialize.php. | ||||
| CVE-2006-2913 | 1 Out Of The Trees Web Design | 1 Selectapix | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SelectaPix 1.31 allows remote attackers to inject arbitrary web script or HTML via the albumID parameter to (1) popup.php and (2) view_album.php. | ||||
| CVE-2006-2695 | 1 Dgnews | 1 Dgnews | 2026-04-16 | N/A |
| admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory. | ||||
| CVE-2006-2914 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to (1) postreply.php, (2) posting.php, (3) and pm/newpm.php in the deluxe/ directory, and (4) postreply.php, (5) posting.php, and (6) pm/newpm.php in the default/ directory. | ||||
| CVE-2006-2696 | 1 Easy-content Forums | 1 Easy-content Forums | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp. | ||||
| CVE-2006-2697 | 1 Easy-content Forums | 1 Easy-content Forums | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp. | ||||