Export limit exceeded: 347902 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347902 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4310 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI. | ||||
| CVE-2006-4311 | 1 Sonium | 1 Enterprise Adressbook | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Sonium Enterprise Adressbook 0.2 allows remote attackers to execute arbitrary PHP code via the folder parameter in multiple files in the plugins directory, as demonstrated by plugins/1_Adressbuch/delete.php. | ||||
| CVE-2006-4314 | 1 Symantec | 1 Enterprise Security Manager | 2026-04-16 | N/A |
| The manager server in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x allows remote attackers to cause a denial of service (hang) via a malformed ESM agent request. | ||||
| CVE-2006-4316 | 1 Ssh | 1 Tectia Manager | 2026-04-16 | N/A |
| SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges. | ||||
| CVE-2006-4317 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript. | ||||
| CVE-2006-4318 | 1 Texas Imperial Software | 1 Wftpd | 2026-04-16 | N/A |
| Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE commands. | ||||
| CVE-2006-4319 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307. | ||||
| CVE-2006-4320 | 1 Opensef Project | 1 Opensef | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4322 | 1 Bits-dont-bite | 1 Estateagent | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in estateagent.php in the EstateAgent component (com_estateagent) for Mambo, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4323 | 1 Cityforfree | 1 Indexcity | 2026-04-16 | N/A |
| SQL injection vulnerability in list.php in CityForFree indexcity 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | ||||
| CVE-2006-4324 | 1 Cityforfree | 1 Indexcity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||
| CVE-2006-4325 | 1 Doika | 1 Doika Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in gbook.php in Doika guestbook 2.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2006-4327 | 1 Cloudnine Interactive | 1 Links Manager | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in CloudNine Interactive Links Manager 2006-06-12 allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, or (3) keywords parameters. | ||||
| CVE-2006-4328 | 1 Cloudnine Interactive | 1 Links Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in admin.php in CloudNine Interactive Links Manager 2006-06-12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the nick parameter. | ||||
| CVE-2006-3962 | 1 Mambo | 1 Bayesiannaivefilter | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in administrator/components/com_bayesiannaivefilter/lang.php in the bayesiannaivefilter component (com_bayesiannaivefilter) 1.1 for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3621 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter. | ||||
| CVE-2006-3622 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | N/A |
| The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to obtain sensitive information via a ' (single quote) in the p parameter, which displays the path in an error message. NOTE: it is not clear whether this is SQL injection or a forced SQL error. | ||||
| CVE-2006-3623 | 1 Mcafee | 1 Epolicy Orchestrator Agent | 2026-04-16 | N/A |
| Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request. | ||||
| CVE-2006-3624 | 1 Flv | 1 Flv Player | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to (1) player.php or (2) popup.php. | ||||
| CVE-2006-3625 | 1 Flv | 1 Flv Player | 2026-04-16 | N/A |
| FLV Players 8 allows remote attackers to obtain sensitive information via (1) a direct request to paginate.php or (2) an invalid p parameter to player.php, which reveal the path in an error message. | ||||