Search Results (362462 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1133 1 Vbzoom 1 Vbzoom 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441.
CVE-2006-1135 1 Sblog 1 Sblog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php.
CVE-2006-1614 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2006-1136 1 Xerox 6 Copycentre C65, Copycentre C75, Copycentre C90 and 3 more 2026-04-16 N/A
Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers to cause a denial of service via unknown vectors.
CVE-2006-1138 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors.
CVE-2006-1139 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Unspecified vulnerability in the ESS/ Network Controller in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, causes the Immediate Image Overwrite feature to fail after a power loss, which could leave data exposed to attack.
CVE-2006-1141 1 Inter7 1 Qmailadmin 2026-04-16 N/A
Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable.
CVE-2006-1142 1 Solido Systems 1 Ravenous Web Server 2026-04-16 N/A
Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact.
CVE-2006-1143 1 Ftpoed 1 Ftpoed Blog Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment_body parameter, as used by the comment field, when posting a comment.
CVE-2006-1144 1 David Ravenscroft 1 Hithost 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.
CVE-2006-1145 1 Cor Entertainment 1 Alien Arena 2006 2026-04-16 N/A
Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients.
CVE-2006-1148 1 Peercast 1 Peercast 2026-04-16 N/A
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
CVE-2006-1149 1 Owl 1 Owl Intranet Engine 2026-04-16 N/A
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
CVE-2006-1150 1 Teg 1 Tenes Empanadas Graciela 2026-04-16 N/A
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.
CVE-2006-1151 1 M Phorum 1 M Phorum 2026-04-16 N/A
Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter.
CVE-2006-1615 1 Clamav 1 Clamav 2026-04-16 N/A
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.
CVE-2006-1152 1 M Phorum 1 M Phorum 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1153 1 D2-shoutbox 1 D2-shoutbox 2026-04-16 N/A
SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).
CVE-2006-1616 1 Advanced Poll 1 Advanced Poll 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to comments.php or (2) poll_id parameter to page.php.
CVE-2006-1157 1 Adp 1 Adp Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.