ReportizFlow
Filtered by vendor
Subscriptions
Total
29885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1813 | 1 Phpwebftp | 1 Phpwebftp | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter. | ||||
| CVE-2006-1815 | 1 Tritanium Scripts | 1 Tritanium Bulletin Board | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_realname and (2) newuser_icq parameters, a different vector than CVE-2006-1768. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1843 | 1 Cynical Games | 1 Shoutbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) LOCATION and (2) URL parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1860 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack. | ||||
| CVE-2006-1916 | 1 Dbbs | 1 Dbbs | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters. | ||||
| CVE-2006-1927 | 1 Cisco | 1 Ios Xr | 2025-04-03 | N/A |
| Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475. | ||||
| CVE-2006-2013 | 1 Web-provence | 1 Sl Site | 2025-04-03 | N/A |
| SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message. | ||||
| CVE-1999-1065 | 1 Palm Pilot | 1 Hotsync Manager | 2025-04-03 | N/A |
| Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode. | ||||
| CVE-2006-2065 | 1 Phpsurveyor | 1 Phpsurveyor | 2025-04-03 | N/A |
| SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory traversal sequences into the database, which are then processed by the thissurvey['language'] variable. | ||||
| CVE-2006-2078 | 1 Furukawa Electric | 2 Fitelnet, Mucho-ev Pk | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite. | ||||
| CVE-2006-2133 | 1 Boonex | 1 Barracuda | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality. | ||||
| CVE-2006-2149 | 1 Avatic | 1 Aardvark Topsites Php | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in sources/lostpw.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CONFIG[path] parameter, as demonstrated by including a GIF that contains PHP code. | ||||
| CVE-2006-2153 | 1 Jbmc Software | 1 Directadmin | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter. | ||||
| CVE-2006-2187 | 1 Zenphoto | 1 Zenphoto | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) a parameter in i.php, and the (2) album and (3) image parameters in index.php. | ||||
| CVE-2006-2292 | 1 Inhouse Associates | 1 Ia-calendar | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in IA-Calendar allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in (a) calendar_new.asp and (b) default.asp, and (2) ID parameter in (c) calendar_detail.asp. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-2305 | 1 Jadu Limited | 1 Jadu Cms | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow remote attackers to inject arbitrary web script or HTML via the (1) forename, (2) surname, (3) reg_email, (4) email_conf, (5) company, (6) city, (7) postcode, or (8) telephone parameters to site/scripts/register.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-2394 | 1 Turnkey Web Tools | 1 Php Live Helper | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter. | ||||
| CVE-2006-2400 | 1 Outgun | 1 Outgun | 2025-04-03 | N/A |
| The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown. | ||||
| CVE-2006-2446 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite. | ||||
| CVE-2006-2557 | 1 Florian Amrhein | 1 Newsportal | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in extras/poll/poll.php in Florian Amrhein NewsPortal before 0.37, and TR Newsportal (TRanx rebuilded), allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter. | ||||