Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5318 1 Nayco 1 Jasmine 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote attackers to execute arbitrary PHP code via an FTP URL in the section parameter.
CVE-2006-5316 1 Phplibre 1 Registrotl 2026-04-23 N/A
registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat.
CVE-2006-5315 1 Phplibre 1 Registrotl 2026-04-23 N/A
PHP remote file inclusion vulnerability in main.php in registroTL allows remote attackers to execute arbitrary PHP code via an ftp:// URL in the page parameter.
CVE-2006-5314 1 Phplibre 1 Tribunalibre 2026-04-23 N/A
PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.
CVE-2006-5312 1 Phpbb 1 Ajax Shoutbox 2026-04-23 N/A
PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5311 1 Buzlas 1 Buzlas 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5309 1 Phpbb 1 Prillian French 2026-04-23 N/A
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5307 1 Afgb 1 Afgb Guestbook 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the Htmls parameter in (1) add.php, (2) admin.php, (3) look.php, or (4) re.php.
CVE-2006-5305 1 Phpbb 1 Lat2cyr 2026-04-23 N/A
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5303 1 Securecomputing 1 Safeword Remoteaccess 2026-04-23 N/A
Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading (1) base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and (2) plaintext data in SERVERS\Shared\signers.cfg. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5300 1 Hp 1 Version Control Agent 2026-04-23 N/A
Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain "unauthorized access" to a remote Repository Manager account and potentially gain privileges via unspecified vectors.
CVE-2006-5299 1 Gcontact 1 Gcontact 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Gcontact 0.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-5403 1 Symantec 4 Automated Support Assistant, Norton Antivirus, Norton Internet Security and 1 more 2026-04-23 N/A
Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2006-6964 1 Mailenable 1 Mailenable Professional 2026-04-23 N/A
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
CVE-2006-6951 1 Odysseus Blog 1 Odysseus Blog 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in blog.php in OdysseusBlog allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-6950 1 Conti 1 Ftpserver 2026-04-23 N/A
Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 allows remote attackers to read arbitrary files and list arbitrary directories via a .. (dot dot) in a filename argument.
CVE-2006-5398 1 Simplog 1 Simplog 2026-04-23 N/A
SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2006-6949 1 Conti 1 Ftpserver 2026-04-23 N/A
Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in MyServerSettings.ini, which allows local users to obtain sensitive information by reading this file.
CVE-2006-6948 1 Myodbc 1 Myodbc 2026-04-23 N/A
MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
CVE-2006-6945 1 Virtuemart 1 Virtuemart 2026-04-23 N/A
SQL injection vulnerability in Virtuemart 1.0.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) Itemid, (2) product_id, and category_id parameters as handled in virtuemart_parser.php.