Export limit exceeded: 357562 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29944 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5866 | 1 Phpmanta | 1 Phpmanta | 2026-04-23 | N/A |
| Directory traversal vulnerability in Mdoc/view-sourcecode.php for phpManta 1.0.2 and earlier allows remote attackers to read and include arbitrary files via ".." sequences in the file parameter. | ||||
| CVE-2006-5868 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2026-04-23 | N/A |
| Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image. | ||||
| CVE-2006-6139 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6140 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to execute arbitrary PHP code via a URL in the slnt parameter to (1) index.php and (2) print.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6141 | 1 Philippe Jounin | 1 Tftpd32 | 2026-04-23 | N/A |
| Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window. | ||||
| CVE-2006-6142 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in (b) compose.php, and (4) unspecified vectors involving "a shortcoming in the magicHTML filter." | ||||
| CVE-2006-6145 | 1 Cryptocard | 1 Crypto-server | 2026-04-23 | N/A |
| CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6146 | 1 Takeshi Kanno | 1 Haru Free Pdf Library | 2026-04-23 | N/A |
| Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle. | ||||
| CVE-2006-6147 | 1 Jiros | 1 Links Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp. | ||||
| CVE-2006-6148 | 1 Jiros | 1 Links Manager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6149 | 1 Jiros | 1 Faq Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the tID parameter. | ||||
| CVE-2006-6150 | 1 Owllib | 1 Owllib | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in memory/OWLMemoryProperty.php in OWLLib 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the OWLLIB_ROOT parameter. | ||||
| CVE-2006-6151 | 1 Messagerie Locale | 1 Messagerie Locale | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in centre.php in Messagerie Locale as of 20061127 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6152 | 1 Vspin.net | 1 Classified System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp. | ||||
| CVE-2006-6153 | 1 Vspin.net | 1 Classified System | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp. | ||||
| CVE-2006-6154 | 1 Hscripts | 1 Hiox Star Rating System Script | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in addcode.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter. | ||||
| CVE-2006-6155 | 1 Hscripts | 1 Hiox Star Rating System Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in addrating.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ipadd or (2) url parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6156 | 1 Hscripts | 1 Hiox Star Rating System Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in auth/message.php in HIOX Star Rating System Script (HSRS) 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF). NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6158 | 3 Ace Helpdesk, Inverseflow, Pmos Helpdesk | 3 Ace Helpdesk, Help Desk, Pmos Helpdesk | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, or (2) the email parameter to ticket.php. | ||||
| CVE-2006-6160 | 1 Doug Luxem | 1 Liberum Help Desk | 2026-04-23 | N/A |
| SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||