Export limit exceeded: 363022 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363022 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1998 1 Openttd 1 Openttd 2026-04-16 N/A
OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.
CVE-1999-0068 1 Php 1 Php 2026-04-16 N/A
CGI PHP mylog script allows an attacker to read any file on the target server.
CVE-2005-2076 1 Hp 1 Version Control Repository Manager 2026-04-16 N/A
HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.
CVE-2006-2000 1 Logmethods 1 Logmethods 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in /lms/a2z.jsp in logMethods 0.9 allows remote attackers to inject arbitrary web script or HTML via the kwd parameter.
CVE-2006-2002 1 Mygamingladder 1 Mygamingladder 2026-04-16 N/A
PHP remote file inclusion vulnerability in stats.php in MyGamingLadder 7.0 allows remote attackers to execute arbitrary PHP code via a URL in the dir[base] parameter.
CVE-2006-2004 1 Michael Romedahl 1 Ri Blog 2026-04-16 N/A
Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote attackers to execute arbitrary SQL command via the (1) username or (2) password fields.
CVE-2006-2122 1 Coolmenus 1 Coolmenus 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in CoolMenus allows remote attackers to execute arbitrary code via a URL in the page parameter. NOTE: the original report for this issue is probably erroneous, since CoolMenus does not appear to be written in PHP.
CVE-2006-2009 1 Phpmyagenda 1 Phpmyagenda 2026-04-16 N/A
PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda 3.0 Final and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootagenda parameter.
CVE-2006-2011 1 4homepages 1 4images 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php.
CVE-2006-2012 1 Skulltag Team 1 Skulltag 2026-04-16 N/A
Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string.
CVE-2006-2013 1 Web-provence 1 Sl Site 2026-04-16 N/A
SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2026 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
CVE-2006-2027 1 Pablo Software Solutions 1 Quick N Easy Ftp Server 2026-04-16 N/A
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.
CVE-2006-2028 1 Simplog 1 Simplog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy Ashcraft Simplog 0.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the imagedir parameter. NOTE: this issue might be resultant from directory traversal.
CVE-2006-2029 1 Simplog 1 Simplog 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter in (a) preview.php; the (2) cid, (3) pid, and (4) eid parameters in (b) archive.php; and the (5) pid parameter in (c) comments.php.
CVE-2006-2030 1 Alliedtelesyn 1 At-9724ts 2026-04-16 N/A
The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the management interface or routing.
CVE-2000-1028 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
CVE-2006-2050 1 Dcscripts 1 Dcforumlite 2026-04-16 N/A
SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite 3.0 allows remote attackers to execute arbitrary SQL commands via the az parameter.
CVE-2006-2051 1 Nextage 1 Nextage Shopping Cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in myadmin/index.php in NextAge Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) password parameters.
CVE-2006-2052 1 Verosky Media 1 Instant Photo Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.