ReportizFlow
Filtered by vendor
Subscriptions
Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4680 | 1 Canon | 7 Imagerunner 2620, Imagerunner 5020, Imagerunner 6870 and 4 more | 2026-04-16 | N/A |
| The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information. | ||||
| CVE-2006-1742 | 2 Mozilla, Redhat | 5 Firefox, Mozilla Suite, Seamonkey and 2 more | 2026-04-16 | N/A |
| The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption. | ||||
| CVE-2006-4682 | 1 Ibm | 1 Director | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets. | ||||
| CVE-2006-4709 | 1 Vikingboard | 1 Vikingboard | 2026-04-16 | N/A |
| SQL injection vulnerability in topic.php in Vikingboard 0.1b allows remote attackers to execute arbitrary SQL commands via the s parameter. | ||||
| CVE-2006-4710 | 1 Newsgator | 1 Feeddemon | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite. | ||||
| CVE-2000-0953 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection. | ||||
| CVE-2006-1757 | 1 Bill Shupp | 1 Vegadns | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2000-0954 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server. | ||||
| CVE-2006-1762 | 1 Blursoft | 1 Blur6ex | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to include arbitrary files via the shard parameter. NOTE: this issue can be exploited to produce resultant XSS when the parameter has XSS manipulations, and path disclosure with other invalid values. | ||||
| CVE-2005-3824 | 1 Vtiger | 1 Vtiger Crm | 2026-04-16 | N/A |
| The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action. | ||||
| CVE-2006-1771 | 1 Saxotech | 1 Saxopress | 2026-04-16 | N/A |
| Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online (formerly Publicus) allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. (dot dot) in the url parameter. | ||||
| CVE-2006-1775 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Group name and (3) Group description fields in (b) admin_groups.php and (c) groupcp.php, the (4) Theme Name field in (d) admin_styles.php, and the (5) Rank Title field in (e) admin_ranks.php. NOTE: the profile.php/Current password vector is already covered by CVE-2006-1603. | ||||
| CVE-2006-1784 | 1 Sphider | 1 Sphider | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings_dir parameter. | ||||
| CVE-2006-0221 | 1 Ddsn | 1 Cm3cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.asp in the Admin Panel in Dragon Design Services Network (DDSN) cm3 content manager (CM3CMS) allows remote attackers to execute arbitrary SQL commands via the (1) username or (2) password. | ||||
| CVE-2006-1793 | 1 Runcms | 1 Runcms | 2026-04-16 | N/A |
| Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659. | ||||
| CVE-2006-1808 | 1 Lifetype | 1 Lifetype | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Lifetype 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the show parameter in a Template operation. | ||||
| CVE-2006-0222 | 1 Alstrasoft | 1 Template Seller | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in fullview.php in AlstraSoft Template Seller Pro allows remote attackers to inject arbitrary web script or HTML via the tempid parameter. | ||||
| CVE-2006-4751 | 1 Laurentiu Matei | 1 Expandable Home Page Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter. | ||||
| CVE-2006-4753 | 1 Comscripts | 1 Phprog | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2006-1824 | 1 Phpguestbook | 1 Phpguestbook | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Comment parameter. | ||||