ReportizFlow
Filtered by vendor
Subscriptions
Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2892 | 1 Gantty | 1 Gantty | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in GANTTy 1.0.3 allows remote attackers to inject arbitrary HTML and web script via the message parameter in a login action. | ||||
| CVE-2005-3852 | 1 Onlinetechtools.com | 1 Owos Lite | 2026-04-16 | N/A |
| SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | ||||
| CVE-2006-2226 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to cause a denial of service via a long argument to the PORT command. | ||||
| CVE-2006-2964 | 1 Xtreme Scripts | 1 Download Manager | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php. | ||||
| CVE-2003-0231 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe. | ||||
| CVE-2006-3010 | 1 Aliacom | 1 Open Business Management | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to execute arbitrary SQL commands via the (1) new_order and (2) order_dir parameters to (a) index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php, and the (3) entity and (4) tf_dateafter parameter to company/company_index.php. | ||||
| CVE-2004-0887 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2026-04-16 | N/A |
| SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges. | ||||
| CVE-2006-3057 | 1 Gnome | 1 Dhcdbd | 2026-04-16 | N/A |
| Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption. | ||||
| CVE-2006-3062 | 1 Myphp Guestbook | 1 Myphp Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-1999-0162 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | ||||
| CVE-2006-3129 | 1 Nc Linklist | 1 Nc Linklist | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC LinkList 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) view parameters. | ||||
| CVE-2006-3130 | 1 Clubpage | 1 Clubpage | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Clubpage allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2006-3131 | 1 Clubpage | 1 Clubpage | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow remote attackers to inject arbitrary web script or HTML via the (1) news_archive, (2) language, and (3) intranetLogin parameters in (a) index.php; the (4) sites_id parameter in (b) sites.php; and the (5) news_id parameter in (c) news_more.php. | ||||
| CVE-2001-0876 | 1 Microsoft | 4 Windows 98, Windows 98se, Windows Me and 1 more | 2026-04-16 | N/A |
| Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL. | ||||
| CVE-2006-3170 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| CS-Forum before 0.82 allows remote attackers to obtain sensitive information via unspecified manipulations, possibly involving an empty collapse[] or readall parameter to index.php, which reveals the installation path in an error message. | ||||
| CVE-2004-1854 | 1 Picophone | 1 Internet Telephone | 2026-04-16 | N/A |
| Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet. | ||||
| CVE-2006-2217 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute arbitrary SQL commands via the pid parameter in a reputation action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-3416 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS. Therefore this issue should not be included in CVE | ||||
| CVE-2006-3192 | 1 Php Web Scripts | 1 Ad Manager Pro | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows remote attackers to execute arbitrary PHP code via a URL in the (1) ipath parameter in common.php and (2) unspecified vectors in ad.php. | ||||
| CVE-2006-3207 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| Directory traversal vulnerability in newpost.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the id parameter, as demonstrated by injecting a Perl CGI script using "[NR]" sequences in the message parameter, then calling close.php with modified id and t_id parameters to chmod the script. NOTE: this issue might be resultant from dynamic variable evaluation. | ||||