Export limit exceeded: 363160 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363160 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2967 | 1 Syworks | 1 Safenet | 2026-04-16 | N/A |
| Syworks SafeNET allows local users to bypass restrictions on network resource consumption by editing the policy.dat file. | ||||
| CVE-2006-2970 | 1 L0j1k | 1 Tinymuw | 2026-04-16 | N/A |
| videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message. | ||||
| CVE-2006-2971 | 1 Overkill | 1 Overkill | 2026-04-16 | N/A |
| Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long length value to the crc32 function. | ||||
| CVE-2006-2972 | 1 Arantius | 1 Vice Stats | 2026-04-16 | N/A |
| SQL injection vulnerability in vs_resource.php in Arantius Vice Stats 0.5b and 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2006-2975 | 1 Pbl Guestbook | 1 Pbl Guestbook | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information. | ||||
| CVE-2006-2978 | 1 Mafia Moblog | 1 Mafia Moblog | 2026-04-16 | N/A |
| Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to (1) big.php and (2) upgrade.php. | ||||
| CVE-2006-2996 | 1 Lovecompass | 1 Aepartner | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dir[data] parameter. | ||||
| CVE-2006-2997 | 1 Zms Publishing | 1 Zms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the raw parameter in the search field. | ||||
| CVE-2006-2998 | 1 Free Qboard | 1 Free Qboard | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter. | ||||
| CVE-2006-2999 | 1 Okscripts | 1 Quicklinks | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2006-3000 | 1 Okscripts | 1 Okarticles | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2006-3004 | 1 Scriptsez | 1 Ez Ringtone Manager | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search. | ||||
| CVE-2006-3005 | 1 Gentoo | 2 Linux, Media-libs Jpeg | 2026-04-16 | N/A |
| The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits. | ||||
| CVE-2006-3006 | 1 Ifoto | 1 Ifoto | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter. | ||||
| CVE-2006-3007 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ. | ||||
| CVE-2006-3020 | 1 Planete Afrique | 1 Ws-album | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp in WS-Album 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) image and (2) PublisedDate parameters. | ||||
| CVE-2006-3021 | 1 Blue-collar Productions | 1 I-gallery | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) n and (2) d parameters in (a) login.asp and the d parameter in (b) igallery.asp. | ||||
| CVE-2006-3022 | 1 Fipsasp | 1 Fipsgallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter. | ||||
| CVE-2006-3023 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters. | ||||
| CVE-2006-3027 | 1 Enthrallweb | 1 Ephotos | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) CAT_ID parameter in (a) subphotos.asp and (b) subLevel2.asp, the (2) AL_ID parameter in (c) photo.asp, and the (3) SUB_ID parameter in (d) subLevel2.asp. | ||||