Search Results (363396 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4681 1 Ibm 1 Director 2026-04-16 N/A
Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter.
CVE-2006-4682 1 Ibm 1 Director 2026-04-16 N/A
Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets.
CVE-2006-4683 1 Ibm 1 Director 2026-04-16 N/A
IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE.
CVE-2000-1222 1 Ibm 1 Aix 2026-04-16 N/A
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
CVE-2000-1229 1 Phorum 1 Phorum 2026-04-16 N/A
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3.
CVE-2006-4708 1 Vikingboard 1 Vikingboard 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php.
CVE-2006-4709 1 Vikingboard 1 Vikingboard 2026-04-16 N/A
SQL injection vulnerability in topic.php in Vikingboard 0.1b allows remote attackers to execute arbitrary SQL commands via the s parameter.
CVE-2006-4710 1 Newsgator 1 Feeddemon 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite.
CVE-2006-4711 1 Sage 1 Sage 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite.
CVE-2006-4713 1 Psywerks 1 Puma 2026-04-16 N/A
PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA 1.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.
CVE-2006-4714 1 Spoonlabs 1 Vivvo Article Management Cms 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter.
CVE-2006-4715 1 Spoonlabs 1 Vivvo Article Management Cms 2026-04-16 N/A
SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-4716 1 Fire Soft Board 1 Fire Soft Board 2026-04-16 N/A
PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter.
CVE-2006-4717 1 Drupal 1 Drupal Pubcookie Module 2026-04-16 N/A
The login redirection mechanism in the Drupal 4.7 Pubcookie module before 1.2.2.4 2006/09/06 and the Drupal 4.6 Pubcookie module before 1.6.2.1 2006/09/07 allows remote attackers to bypass authentication requirements and spoof identities of arbitrary users via unspecified vectors.
CVE-2006-4718 1 Korviblog 1 Korviblog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) prenom, (2) emailFrom, or (3) body parameters.
CVE-2006-4719 1 Myabracadaweb 1 Myabracadaweb 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php.
CVE-2006-4722 1 Openbb 1 Openbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) index.php and possibly (2) collector.php.
CVE-2006-4723 1 Raidenhttpd 1 Raidenhttpd 2026-04-16 N/A
PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter.
CVE-2006-4724 1 Adobe 1 Coldfusion 2026-04-16 N/A
Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command.
CVE-2006-4725 1 Adobe 1 Coldfusion 2026-04-16 N/A
Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox.