ReportizFlow
Filtered by vendor
Subscriptions
Total
29902 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4641 | 1 Muratsoft | 1 Haber Portal | 2026-04-16 | N/A |
| SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal 3.6 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2006-4645 | 1 Akarru | 1 Social Bookmarking Engine | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter. | ||||
| CVE-2006-4669 | 1 Somery | 1 Somery | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter. | ||||
| CVE-2006-4714 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter. | ||||
| CVE-2006-4726 | 1 Adobe | 1 Coldfusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page. | ||||
| CVE-2006-4732 | 1 Microsoft | 1 Visual Basic | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object. | ||||
| CVE-2006-4752 | 1 Laurentiu Matei | 1 Expandable Home Page Cms | 2026-04-16 | N/A |
| Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to obtain the installation path via a query to the engine module, probably with an invalid action parameter. | ||||
| CVE-2006-4778 | 1 Cchost | 1 Cchost | 2026-04-16 | N/A |
| SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. NOTE: Some details are obtained from third party information. | ||||
| CVE-2006-4784 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php. | ||||
| CVE-2006-4826 | 1 Shadowed Portal | 1 Shadowed Portal | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2006-4838 | 1 Codeworx Technologies | 1 Dcp-portal | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) root_url and (2) dcp_version parameters in (a) admin/inc/footer.inc.php, and the root_url, (3) page_top_name, (4) page_name, and (5) page_options parameters in (b) admin/inc/header.inc.php. | ||||
| CVE-2006-4850 | 1 Bolinos | 1 Blinos | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. | ||||
| CVE-2006-4910 | 1 Cisco | 2 Ids Sensor Software, Ips Sensor Software | 2026-04-16 | N/A |
| The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. | ||||
| CVE-2006-4920 | 1 Siteatschool | 1 Siteatschool | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to (1) starnet/modules/sn_allbum/slideshow.php, and (2) starnet/themes/editable/main.inc.php. | ||||
| CVE-2006-4968 | 1 Postnuke Software Foundation | 1 Pnphpbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2005-1780 | 1 Dotnetindex | 1 Active News Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password. | ||||
| CVE-2003-0175 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. | ||||
| CVE-2003-0371 | 1 Prishtina Soft | 1 Prishtina Ftp | 2026-04-16 | N/A |
| Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. | ||||
| CVE-2006-3187 | 1 Sharky E-shop | 1 Sharky E-shop | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. NOTE: it is possible that this is resultant from SQL injection or a forced SQL error. | ||||
| CVE-2003-0444 | 1 Gtksee | 1 Gtksee | 2026-04-16 | N/A |
| Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths. | ||||