Total
29800 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2254 | 1 Intervations | 1 Filecopa | 2025-04-03 | N/A |
| Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of service (application crash) via a username with a large number of newline characters. | ||||
| CVE-2006-2256 | 1 Eqdkp | 1 Eqdkp | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter. | ||||
| CVE-2006-2257 | 1 Faktorystudios | 1 Easyevent | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 allows remote attackers to inject arbitrary web script or HTML via the curr_year parameter. | ||||
| CVE-2006-2285 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter. | ||||
| CVE-2006-2283 | 1 Spiffyjr | 1 Phpraid | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when the phpBB portal is enabled, and via a URL in the smf_root_path parameter in (3) auth.php and (4) auth_SMF when the SMF portal is enabled. | ||||
| CVE-2006-2298 | 1 Internet Key Exchange | 1 Internet Key Exchange | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | ||||
| CVE-2006-2300 | 1 Keyvan1 | 1 Eimagepro | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to subList.asp, (2) SubjectID parameter to imageList.asp, or (3) Pic parameter to view.asp. | ||||
| CVE-2006-2302 | 1 Duware | 1 Dugallery | 2025-04-03 | N/A |
| SQL injection vulnerability in admin_default.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password field. | ||||
| CVE-2006-2318 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | N/A |
| Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server. | ||||
| CVE-2006-2319 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | N/A |
| Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the ".asp" portion of the filename. | ||||
| CVE-2006-2320 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209. | ||||
| CVE-2006-2321 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2207. | ||||
| CVE-2006-2342 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentication for the Welcome Page via a request to the default context root. | ||||
| CVE-2006-2344 | 1 Ajax Softwares | 1 Alipager | 2025-04-03 | N/A |
| SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the ubild parameter. | ||||
| CVE-2006-2345 | 1 Roostercode Ajax Softwares | 1 Alipager | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2006-2346 | 1 Inter7 | 1 Vpopmail \(vchkpw\) | 2025-04-03 | N/A |
| vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP. | ||||
| CVE-2006-2359 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2006-2390 | 1 Ozjournals | 1 Ozjournals | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows remote attackers to inject arbitrary web script or HTML via the vname parameter in the comments functionality. | ||||
| CVE-2006-2391 | 1 Emc | 1 Retrospect Client | 2025-04-03 | N/A |
| Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | ||||
| CVE-2006-2396 | 1 Phpodp | 1 Phpodp | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote attackers to inject arbitrary web script via the browse parameter. | ||||