Export limit exceeded: 20006 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361545 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361545 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361545 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3945 | 2 Microsoft, Opera | 2 Windows Xp, Opera Browser | 2026-04-16 | N/A |
| The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption. | ||||
| CVE-2006-3946 | 1 Apple | 2 Mac Os X, Safari | 2026-04-16 | N/A |
| WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag. | ||||
| CVE-2006-3947 | 1 Mambo | 1 Mambatstaff | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in components/com_mambatstaff/mambatstaff.php in the Mambatstaff 3.1b and earlier component for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3948 | 1 Php-nuke | 1 Inp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke INP allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2006-3949 | 1 Mambo | 1 Artlinks Component | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in artlinks.dispnew.php in the Artlinks component (com_artlinks) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3950 | 1 X-scripts | 1 X-statistics | 2026-04-16 | N/A |
| SQL injection vulnerability in x-statistics.php in X-Scripts X-Statistics 1.20 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| CVE-2006-3951 | 1 Mam-moodle Alpha Component | 1 Mam-moodle Alpha Component | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3952 | 1 Efs Software | 1 Efs Ftp Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers to execute arbitrary code via a long argument to the PASS command. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3953 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. | ||||
| CVE-2006-3954 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action. | ||||
| CVE-2006-4881 | 1 David Bennett | 1 Php-post | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the replyuser parameter in (a) pm.php; (2) the txt_jumpto parameter in (b) dropdown.php; the (3) txt_error and (4) txt_templatenotexist parameters in (c) template.php; the (5) split parameter in certain files, as demonstrated by (d) editprofile.php, (e) search.php, (f) index.php, and (g) pm.php; and the (6) txt_login parameter in (h) loginline.php; and allow remote authenticated users to inject arbitrary web script or HTML via the (7) txt_logout parameter in (i) loginline.php. | ||||
| CVE-2006-3955 | 1 Minibb | 1 Minibb | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) news.php, (2) search.php, or (3) whosOnline.php. | ||||
| CVE-2006-3956 | 1 Total Online Solutions | 1 Advanced Webhost Billing System | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in contact.php in Advanced Webhost Billing System (AWBS) 2.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) AccountUsername and (3) Message parameters. | ||||
| CVE-2006-3958 | 1 Pkr Internet | 1 Taskjitsu | 2026-04-16 | N/A |
| Multiple unspecified cross-site scripting (XSS) vulnerabilities in Taskjitsu 2.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the Search Tasks system, or authenticated users via (2) the Edit Task system, (3) the back-end Category Editor system, and (4) "Pages that display task status, email addresses, URL, customer, and project information." | ||||
| CVE-2006-3960 | 1 X-scripts | 1 X-poll | 2026-04-16 | N/A |
| SQL injection vulnerability in top.php in X-Scripts X-Poll, probably 2.30, allows remote attackers to execute arbitrary SQL commands via the poll parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-3961 | 1 Mcafee | 9 Antispyware, Internet Security Suite, Personal Firewall Plus and 6 more | 2026-04-16 | N/A |
| Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. | ||||
| CVE-2006-3965 | 1 Banex | 1 Banex | 2026-04-16 | N/A |
| Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords. | ||||
| CVE-2006-3966 | 2 Carlos Sanchez Valle, Php Layers Menu | 2 Mynewsgroups, Php Layers Menu | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in /lib/tree/layersmenu.inc.php in the PHP Layers Menu 2.3.5 package for MyNewsGroups :) 0.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myng_root parameter. | ||||
| CVE-2006-3967 | 1 Moskool | 1 Moskool | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in component/option,com_moskool/Itemid,34/admin.moskool.php in MamboXChange Moskool 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3968 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified. | ||||