ReportizFlow
Filtered by vendor
Subscriptions
Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4528 | 1 Membrepass | 1 Membrepass | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) recherche parameter in recherchemembre.php and the (2) email parameter in test.php. | ||||
| CVE-1999-1076 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | ||||
| CVE-2006-4532 | 1 Bernard Pacques | 1 Yet Another Community System Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter. | ||||
| CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | ||||
| CVE-1999-1101 | 1 Kab Software | 1 Lydia | 2026-04-16 | N/A |
| Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges. | ||||
| CVE-1999-1109 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated. | ||||
| CVE-2006-4597 | 1 Icblogger | 1 Icblogger | 2026-04-16 | N/A |
| SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the YID parameter. | ||||
| CVE-2006-4602 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-16 | N/A |
| Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remote attackers to execute arbitrary PHP code via a filepath parameter that contains a filename with a .php extension, which is uploaded to the img/wiki/ directory. | ||||
| CVE-2006-4608 | 1 Longino | 1 Jacome Php-revista | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php. | ||||
| CVE-2006-4629 | 1 C-news.fr | 1 C-news | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in affichage/commentaires.php in C-News.fr C-News 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2006-4636 | 1 Szewo | 1 Phpcommander | 2026-04-16 | N/A |
| Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code. | ||||
| CVE-2006-4638 | 1 Acgv News | 1 Acgv News | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in article.php in ACGV News 0.9.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PathNews parameter. | ||||
| CVE-2006-4654 | 1 Efs Software | 1 Easy Address Book Web Server | 2026-04-16 | N/A |
| Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the query string. | ||||
| CVE-1999-1278 | 1 Nlog | 1 Nlog | 2026-04-16 | N/A |
| nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl. | ||||
| CVE-2006-4662 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. | ||||
| CVE-2006-4668 | 1 Rob Hensley | 1 Ackertodo | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Rob Hensley AckerTodo 4.0 allows remote attackers to inject arbitrary web script or HTML via the task_id parameter in an edit_task command. | ||||
| CVE-2006-4742 | 1 Idevspot | 1 Phplinkexchange | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-1999-1391 | 1 Next | 1 Next | 2026-04-16 | N/A |
| Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions. | ||||
| CVE-1999-0069 | 1 Sun | 1 Sunos | 2026-04-16 | 8.4 High |
| Solaris ufsrestore buffer overflow. | ||||
| CVE-1999-0084 | 1 Sun | 1 Nfs | 2026-04-16 | 8.4 High |
| Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. | ||||