Total
29871 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6757 | 1 Cwm-design | 1 Cwmexplorer | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read arbitrary files and source code, and obtain sensitive information via directory traversal sequences in the show_file parameter. | ||||
| CVE-2006-6758 | 1 Http Explorer | 1 Http Explorer Web Server | 2025-04-09 | N/A |
| Directory traversal vulnerability in Http explorer 1.02 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the URI. | ||||
| CVE-2006-6759 | 1 Realnetworks | 1 Realplayer | 2025-04-09 | N/A |
| A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments. | ||||
| CVE-2006-6765 | 1 Pagetool | 1 Pagetool | 2025-04-09 | N/A |
| Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php in Pagetool 1.07 allow remote attackers to execute arbitrary PHP code via (1) a local filename or FTP/share URI in the config_file parameter or (2) a URL in the ptconf[src] parameter. | ||||
| CVE-2006-6771 | 1 Irokez | 1 Irokez Cms | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[PTH][func] parameter in (a) scripts/gallery.scr.php; the (2) GLOBALS[PTH][spaw] parameter in (b) scripts/xtextarea.scr.php; and the (3) GLOBALS[PTH][classes] parameter in (c) sitemap.scr.php, (d) news.scr.php, (e) polls.scr.php, (f) rss.scr.php, (g) search.scr.php in scripts/, and (h) form.fun.php, (i) general.func.php, (j) groups.func.php, (k) js.func.php, (l) sections.func.php, and (m) users.func.php in functions/. | ||||
| CVE-2006-6776 | 1 Future Internet | 1 Future Internet | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Future Internet allow remote attackers to execute arbitrary SQL commands via the (1) newsId or (2) categoryid parameter in a Portal.Showpage action in index.cfm, or (3) the langId parameter in index.cfm. | ||||
| CVE-2006-6777 | 1 Future Internet | 1 Future Internet | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Future Internet allows remote attackers to inject arbitrary web script or HTML via the categoryId parameter in a Portal.ShowPage action. | ||||
| CVE-2006-5636 | 1 Sws | 1 Simple Website Software | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR parameter. | ||||
| CVE-2006-6786 | 1 Open Newsletter | 1 Open Newsletter | 2025-04-09 | N/A |
| Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php. | ||||
| CVE-2006-6788 | 1 Luckybot | 1 Luckybot | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) run.php or (2) ircbot.class.php. | ||||
| CVE-2006-6790 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2025-04-09 | N/A |
| Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and earlier allows remote attackers to inject arbitrary PHP code via the username parameter, which is injected into chat/text.php. | ||||
| CVE-2006-5637 | 1 Faq Administrator | 1 Faq Administrator | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in faq_reply.php in Faq Administrator 2.1b allows remote attackers to execute arbitrary PHP code via a URL in the email parameter. | ||||
| CVE-2006-6791 | 1 Chatwm | 1 Chatwm | 2025-04-09 | N/A |
| SQL injection vulnerability in SelGruFra.asp in chatwm 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) txtUse and (2) txtPas parameters. | ||||
| CVE-2006-6792 | 1 Mxmania | 1 Calendar Mx Basic | 2025-04-09 | N/A |
| SQL injection vulnerability in calendar_detail.asp in Calendar MX BASIC 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6796 | 1 Mtcms | 1 Mtcms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ins_file parameter. | ||||
| CVE-2006-6807 | 1 Softwebs Nepal | 1 Ananda Real Estate | 2025-04-09 | N/A |
| SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter. | ||||
| CVE-2006-6815 | 1 Dmxready | 1 Dmxready Secure Login Manager | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel. | ||||
| CVE-2006-5638 | 1 Phpmyring | 1 Phpmyring | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing 4.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) limite and (2) mots parameters. | ||||
| CVE-2006-6822 | 1 Enthrallweb | 1 Eclassifieds | 2025-04-09 | N/A |
| myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter. | ||||
| CVE-2006-5639 | 1 Openwbem | 1 Openwbem | 2025-04-09 | N/A |
| Unspecified vulnerability in the random number generator in OpenWBEM (Web Based Enterprise Management) 3.2.0 allows attackers to gain privileges via vectors related to "local or HTTP Digest authentication." | ||||