Export limit exceeded: 337797 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29852 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29852 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5878 | 1 Edgewall Software | 1 Trac | 2025-04-09 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors. | ||||
| CVE-2006-5892 | 1 The Net Guys | 1 Aspired2poll | 2025-04-09 | N/A |
| SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-5886 | 1 Dynamic Dataworx | 1 Nurealestate | 2025-04-09 | N/A |
| SQL injection vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the PropID parameter. | ||||
| CVE-2006-5887 | 1 Dynamic Dataworx | 1 Nuschool | 2025-04-09 | N/A |
| SQL injection vulnerability in CampusNewsDetails.asp in Dynamic Dataworx NuSchool 1.0 allows remote attackers to execute arbitrary SQL commands via the NewsID parameter. | ||||
| CVE-2006-5889 | 1 Brewblogger | 1 Brewblogger | 2025-04-09 | N/A |
| SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-5891 | 1 Superfreaker Studios | 1 Ustore | 2025-04-09 | N/A |
| SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2006-5893 | 1 Iwonder Designs | 1 Storystream | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/. | ||||
| CVE-2006-5898 | 1 Phpheaven | 1 Phpmychat | 2025-04-09 | N/A |
| Directory traversal vulnerability in localization/languages.lib.php3 in PhpMyChat 0.14.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ChatPath parameter. | ||||
| CVE-2006-5910 | 1 Campware.org | 1 Campsite | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 20061110 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) bugreporter/thankyou.php and (2) feedback/thankyou.php in implementation/management/priv/. | ||||
| CVE-2006-5903 | 1 Rahul Jonna | 1 Gspace | 2025-04-09 | N/A |
| Rahul Jonna Gmail File Space (GSpace) allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by (1) a GSPACE "2174|1|1|1|gs:/ d$" message, which injects a new file into the filesystem; and (2) a GSPACE "|-135|1|1|0|gs:/ d$" message, which creates a folder. | ||||
| CVE-2006-5904 | 1 Mwchat Pro | 1 Mwchat Pro | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in MWChat Pro 7.0 allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[MWCHAT_Libs] parameter to (1) about.php, (2) buddy.php, (3) chat.php, (4) dialog.php, (5) head.php, (6) help.php, (7) index.php, and (8) license.php, different vectors than CVE-2005-1869. | ||||
| CVE-2006-5907 | 1 Jean-christophe Ramos | 2 Ban, Pls-bannieres | 2025-04-09 | N/A |
| SQL injection vulnerability in modules/bannieres/bannieres.php in Jean-Christophe Ramos SCRIPT BANNIERES (aka ban 0.1 and PLS-Bannieres 1.21) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-5908 | 1 Lucas Rodriguez San Pedro | 1 Yet Another News System | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the login_user function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System (YANS) 0.2b allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. | ||||
| CVE-2006-5912 | 1 Campware.org | 1 Campsite | 2025-04-09 | N/A |
| Unspecified vulnerability in Campware Campsite before 2.6.2 has unknown impact and attack vectors, related to a "Security fix for you-know-what," possibly related to encrypted passwords. | ||||
| CVE-2006-5914 | 1 Samedia | 1 Landshop | 2025-04-09 | N/A |
| SQL injection vulnerability in ls.php in SAMEDIA LandShop allows remote attackers to execute arbitrary SQL commands via the infield parameter. NOTE: the start, search_order, search_type, and search_area parameters are already covered by CVE-2005-4018. | ||||
| CVE-2006-5915 | 1 Samedia | 1 Landshop | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ls.php in SAMEDIA LandShop allow remote attackers to inject arbitrary web script or HTML via the (1) start, (2) CAT_ID, (3) keyword, (4) search_area, (5) search_type, (6) infield, or (7) search_order parameter. | ||||
| CVE-2006-5916 | 1 Intego | 1 Virusbarrier | 2025-04-09 | N/A |
| Intego VirusBarrier X4 allows context-dependent attackers to bypass virus protection by quickly injecting many infected files into the filesystem, which prevents VirusBarrier from processing all the files. | ||||
| CVE-2006-5917 | 1 Omnistar Interactive | 1 Omnistar Article Manager | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in OmniStar Article Manager allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in (a) articles/comments.php and (b) articles/article.php, and the (2) page_id parameter in (c) articles/pages.php. | ||||
| CVE-2006-5918 | 1 Php Rapid Kill | 1 Php Rapid Kill | 2025-04-09 | N/A |
| Unrestricted file upload vulnerability in RapidKill (aka PHP Rapid Kill) 5.7 Pro, and certain other versions, allows remote attackers to upload and execute arbitrary PHP scripts via the "Link to Download" field. NOTE: it is possible that the field value is restricted to files on specific public web sites. | ||||
| CVE-2006-5920 | 1 Yuuki Yoshizawa | 1 Exporia | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in common.php in Yuuki Yoshizawa Exporia 0.3.0 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: SecurityFocus disputes this issue, saying "further analysis reveals that the application is not vulnerable." NOTE: this issue may overlap CVE-2006-5113 | ||||