Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4708 | 1 Vikingboard | 1 Vikingboard | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php. | ||||
| CVE-2006-4709 | 1 Vikingboard | 1 Vikingboard | 2025-04-03 | N/A |
| SQL injection vulnerability in topic.php in Vikingboard 0.1b allows remote attackers to execute arbitrary SQL commands via the s parameter. | ||||
| CVE-2006-4710 | 1 Newsgator | 1 Feeddemon | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite. | ||||
| CVE-2006-4711 | 1 Sage | 1 Sage | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite. | ||||
| CVE-2006-4713 | 1 Psywerks | 1 Puma | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA 1.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. | ||||
| CVE-2006-4714 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter. | ||||
| CVE-2006-4715 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2025-04-03 | N/A |
| SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-4716 | 1 Fire Soft Board | 1 Fire Soft Board | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | ||||
| CVE-2006-4717 | 1 Drupal | 1 Drupal Pubcookie Module | 2025-04-03 | N/A |
| The login redirection mechanism in the Drupal 4.7 Pubcookie module before 1.2.2.4 2006/09/06 and the Drupal 4.6 Pubcookie module before 1.6.2.1 2006/09/07 allows remote attackers to bypass authentication requirements and spoof identities of arbitrary users via unspecified vectors. | ||||
| CVE-2006-4718 | 1 Korviblog | 1 Korviblog | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) prenom, (2) emailFrom, or (3) body parameters. | ||||
| CVE-2006-4719 | 1 Myabracadaweb | 1 Myabracadaweb | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php. | ||||
| CVE-2006-4720 | 1 Mcgallery | 1 Mcgallery Pro | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO 2006 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. | ||||
| CVE-2006-4721 | 1 Ccleague | 1 Pro Sports Cms | 2025-04-03 | N/A |
| Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP code via a log file. | ||||
| CVE-2006-4722 | 1 Openbb | 1 Openbb | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) index.php and possibly (2) collector.php. | ||||
| CVE-2006-4723 | 1 Raidenhttpd | 1 Raidenhttpd | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter. | ||||
| CVE-2006-4724 | 1 Adobe | 1 Coldfusion | 2025-04-03 | N/A |
| Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command. | ||||
| CVE-2006-4725 | 1 Adobe | 1 Coldfusion | 2025-04-03 | N/A |
| Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox. | ||||
| CVE-2006-4726 | 1 Adobe | 1 Coldfusion | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page. | ||||
| CVE-2006-4739 | 1 Jetbox | 1 Jetbox Cms | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php. | ||||
| CVE-2006-4731 | 2 Dws Systems Inc., Ledgersmb | 2 Sql-ledger, Ledgersmb | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash). | ||||