Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1428 | 1 Php Labs | 1 Jobsitepro | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote attackers to execute arbitrary SQL commands via the salary parameter. | ||||
| CVE-2007-2613 | 1 Wikkawiki | 1 Wikkawiki | 2026-04-23 | N/A |
| WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared virtual host server environment to upload and execute an arbitrary configuration file by modifying the WAKKA_CONFIG environment variable. | ||||
| CVE-2006-5863 | 1 Otterware | 1 Letterit2 | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in inc/session.php for LetterIt 2 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter. | ||||
| CVE-2006-5930 | 1 Aigaion | 1 Aigaion | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Aigaion Web based bibliography management system 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to (1) _basicfunctions.php, or (2) pageactionauthor.php. | ||||
| CVE-2006-5932 | 1 Kahua | 1 Kahua | 2026-04-23 | N/A |
| Kahua before 0.7, when running multiple applications under a single supervisor, grants application access on the basis of username instead of username and database name, which allows remote authenticated users to obtain unauthorized access if different databases assign the same username to different user accounts. | ||||
| CVE-2007-0889 | 1 Kiwi Enterprises | 1 Kiwi Cattools | 2026-04-23 | N/A |
| Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector. | ||||
| CVE-2006-5595 | 1 Wireshark | 1 Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing. | ||||
| CVE-2006-6195 | 1 Fixit Knowledge Solutions | 1 Idms Pro Image Gallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp. | ||||
| CVE-2006-6805 | 1 Enthrallweb | 1 Ejobs | 2026-04-23 | N/A |
| SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2006-6202 | 1 Nukeai | 1 Nukeai | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in modules/NukeAI/util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to execute arbitrary PHP code via a URL in the AIbasedir parameter. | ||||
| CVE-2007-2617 | 1 Sun | 2 Net Connect Software, Solaris | 2026-04-23 | N/A |
| srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options. | ||||
| CVE-2006-6213 | 1 Pegames | 1 Pegames | 2026-04-23 | N/A |
| index.php in PEGames uses the extract function to overwrite critical variables, which allows remote attackers to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value. | ||||
| CVE-2006-5964 | 1 Pentaware | 2 Pentasuite-pro, Pentazip | 2026-04-23 | N/A |
| choShilA.bpl in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows local users, and user-assisted remote attackers to cause a denial of service (system crash) by right clicking on a file with a long filename. | ||||
| CVE-2006-6214 | 1 Wallpaper | 1 Wallpaper Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in wallpaper.php in Wallpaper Website (Wallpaper Complete Website) 1.0.09 allows remote attackers to execute arbitrary SQL commands via the wallpaperid parameter. | ||||
| CVE-2006-5991 | 1 Cactusoft | 1 Cactushop | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in wwweb concepts CactuShop allow remote attackers to execute arbitrary SQL commands via the (1) prodtype parameter in prodtype.asp and the (2) product parameter in product.asp. | ||||
| CVE-2007-2640 | 1 Heiko Stamer | 1 Libtmcg | 2026-04-23 | N/A |
| LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allows attackers to obtain sensitive information about private cards. | ||||
| CVE-2007-2641 | 1 W1l3d4 | 1 Philboard | 2026-04-23 | N/A |
| SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter, a different vector than CVE-2007-0920. | ||||
| CVE-2006-6216 | 1 Nivisec | 1 Hacks List | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_hacks_list.php in the Nivisec Hacks List 1.21 and earlier phpBB module allows remote attackers to execute arbitrary SQL commands via the hack_id parameter. | ||||
| CVE-2006-6795 | 1 Myphpnuke | 1 Myphpnuke My Egallery | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in gallery/displayCategory.php in the My_eGallery 2.5.6 module in myPHPNuke (MPN) allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter. | ||||
| CVE-2006-6132 | 1 Softacid | 1 Link Exchange Lite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Link Exchange Lite allow remote attackers to execute arbitrary SQL commands via (1) the search engine field to search.asp and (2) psearch parameter to linkslist.asp. | ||||