Export limit exceeded: 348219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348219 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3909 | 1 Wired Community Software | 1 Wwwthreads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote attackers to inject arbitrary web script or HTML via the week parameter. | ||||
| CVE-2006-3911 | 1 Php Live | 1 Php Live | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the css_path parameter in (1) help.php and (2) setup/header.php. | ||||
| CVE-2006-3912 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact. | ||||
| CVE-2006-3914 | 1 Blackboard | 1 Blackboard Academic Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook. | ||||
| CVE-2006-3915 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference. | ||||
| CVE-2006-3916 | 1 Solucija | 1 Snews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | ||||
| CVE-2006-3917 | 1 R. Corson | 1 Php Forge | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/gabarits.php in R. Corson PHP Forge 3 beta 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfg_racine parameter. | ||||
| CVE-2006-3919 | 1 Sd Studio | 1 Sd Studio Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in SD Studio CMS allows remote attackers to execute arbitrary SQL commands via the (1) news_id, (2) tid, and (3) page_id parameters. | ||||
| CVE-2006-3920 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | ||||
| CVE-2006-3922 | 1 Portailphp | 1 Portailphp | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | ||||
| CVE-2006-3923 | 1 Fire-mouse | 1 Fire-mouse Toplist | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the Seitenname parameter. | ||||
| CVE-2006-3924 | 1 Dokeos | 1 Dokeos | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-3925 | 1 Interactual Technologies | 1 Interactual Player | 2026-04-16 | N/A |
| Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3927 | 1 Php Pro Bid | 1 Php Pro Bid | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter. | ||||
| CVE-2006-3928 | 1 Mikael Software | 1 Wmnews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_datapath parameter. | ||||
| CVE-2006-3929 | 1 Zyxel | 1 Prestige 660h-61 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter. | ||||
| CVE-2006-3930 | 1 Mamboxchange | 1 A6mambohelpdesk | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | ||||
| CVE-2006-3931 | 1 Tuomas Airaksinen | 1 Midirecord | 2026-04-16 | N/A |
| Buffer overflow in the daemon function in midirecord.cc in Tuomas Airaksinen Midirecord 2.0 allows local users to execute arbitrary code via a long command line argument (filename). NOTE: This may not be a vulnerability if Midirecord is not installed setuid. | ||||
| CVE-2006-3932 | 1 Gonafish | 1 Linkscaffe | 2026-04-16 | N/A |
| SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3933 | 1 Alkacon | 1 Opencms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.2.2 allows remote authenticated users to inject arbitrary web script or HTML via the message body. | ||||