Export limit exceeded: 346144 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5031 | 1 Cakephp | 1 Cakephp | 2026-04-23 | N/A |
| Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename. | ||||
| CVE-2007-0517 | 1 Scriptsez | 1 Random Php Quote | 2026-04-23 | N/A |
| Scriptsez Random PHP Quote 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password information via a direct request for pwd.txt. | ||||
| CVE-2006-5032 | 1 Phpartenaire | 1 Phpartenaire | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in dix.php3 in PHPartenaire 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the url_phpartenaire parameter. | ||||
| CVE-2006-5033 | 1 Paul Smith Computer Services | 1 Vcap | 2026-04-23 | N/A |
| Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to cause a denial of service via the session parameter, possibly related to format string specifiers or malformed URL encoding. | ||||
| CVE-2006-5034 | 1 Paul Smith Computer Services | 1 Vcap | 2026-04-23 | N/A |
| Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | ||||
| CVE-2006-7136 | 1 Phppc | 1 Php Poll Creator | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHP Poll Creator (phpPC) 1.04 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the relativer_pfad parameter to (1) poll.php, (2) poll_kommentar.php, and (3) poll_sm.php, different vectors and version than CVE-2005-1755. | ||||
| CVE-2006-5039 | 1 Joomla | 2 Com Events, Events Module | 2026-04-23 | N/A |
| Unspecified vulnerability in Events 1.3 beta module (com_events) for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2006-5040 | 1 Joomla | 2 Com Sef, Sef4040x | 2026-04-23 | N/A |
| Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2006-5041 | 1 Joomla | 2 Com Hotproperties, Hot Properties | 2026-04-23 | N/A |
| Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2006-5042 | 1 Joomla | 2 Com Mosmedia, Mosmedia | 2026-04-23 | N/A |
| Unspecified vulnerability in mosMedia (com_mosmedia) 1.0.8 and earlier for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2006-7141 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in Oracle Database Server, when utl_file_dir is set to a wildcard value or "CREATE ANY DIRECTORY to PUBLIC" privileges exist, allows remote authenticated users to read and modify arbitrary files via full filepaths to utl_file functions such as (1) utl_file.put_line and (2) utl_file.get_line, a related issue to CVE-2005-0701. NOTE: this issue is disputed by third parties who state that this is due to an insecure configuration instead of an inherent vulnerability | ||||
| CVE-2006-5043 | 2 Joomla, Joomlaboard | 2 Joomla\!, Joomlaboard | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528. | ||||
| CVE-2006-5044 | 2 Joomla, Mambo | 2 Prince Clan Chess Component, Prince Clan Chess Component | 2026-04-23 | N/A |
| Unspecified vulnerability in Prince Clan (Princeclan) Chess component (com_pcchess) 0.8 and earlier for Mambo and Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2006-7145 | 1 Call-center-software | 1 Call-center-software | 2026-04-23 | N/A |
| edit_user.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified user_id parameter. | ||||
| CVE-2006-5045 | 1 Joomlaxt | 1 Com Pollxt | 2026-04-23 | N/A |
| Unspecified vulnerability in PollXT component (com_pollxt) 1.22.07 and earlier for Joomla! has unspecified impact and attack vectors, probably related to PHP remote file inclusion in the mosConfig_absolute_path to conf.pollxt.php. | ||||
| CVE-2006-5046 | 1 Joomla | 1 Rs Gallery2 | 2026-04-23 | N/A |
| Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of "hardened language files." | ||||
| CVE-2006-5047 | 1 Joomla | 1 Rs Gallery2 | 2026-04-23 | N/A |
| Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 component (com_rsgallery2) before 1.11.3 for Joomla! allows attackers to execute arbitrary code. | ||||
| CVE-2006-5049 | 1 Joomla | 2 Classifieds Component, Com Classifieds | 2026-04-23 | N/A |
| Unspecified vulnerability in Classifieds (com_classifieds) component 1.3 and earlier for Joomla! has unspecified impact and attack vectors. | ||||
| CVE-2006-7146 | 1 Cuttlefish | 1 Leicestershire Communityportals | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions | ||||
| CVE-2006-5050 | 1 Rob Landley | 1 Busybox | 2026-04-23 | N/A |
| Directory traversal vulnerability in httpd in Rob Landley BusyBox allows remote attackers to read arbitrary files via URL-encoded "%2e%2e/" sequences in the URI. | ||||