Export limit exceeded: 362065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362065 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5023 1 Aspindir 1 Xweblog 2026-04-23 N/A
SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter.
CVE-2006-5027 1 Jeroen Vennegoor 1 Jevoncms 2026-04-23 N/A
Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc; and (8) db_sybase.inc, which reveals the path in various error messages.
CVE-2006-5028 1 Swsoft 2 Plesk, Plesk Reload 2026-04-23 N/A
Directory traversal vulnerability in filemanager/filemanager.php in SWsoft Plesk 7.5 Reload and Plesk 7.6 for Microsoft Windows allows remote attackers to list arbitrary directories via a ../ (dot dot slash) in the file parameter in a chdir action.
CVE-2006-5029 1 Woltlab 1 Burning Board 2026-04-23 N/A
SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
CVE-2006-5030 1 Exv2 1 Content Management System 2026-04-23 N/A
SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.
CVE-2006-5031 1 Cakephp 1 Cakephp 2026-04-23 N/A
Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP before 1.1.8.3544 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js filename.
CVE-2006-5036 1 Squiz 2 Mysource Classic, Mysource Matrix 2026-04-23 N/A
MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
CVE-2006-5037 1 Squiz 1 Mysource Matrix 2026-04-23 N/A
MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
CVE-2006-5038 1 Fiwin 1 Ss28s Wifi Voip Sip Skype Phone 2026-04-23 N/A
The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, has a hard-coded username and password, which allows remote attackers to gain administrative access via telnet.
CVE-2006-5040 1 Joomla 2 Com Sef, Sef4040x 2026-04-23 N/A
Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors.
CVE-2006-5041 1 Joomla 2 Com Hotproperties, Hot Properties 2026-04-23 N/A
Unspecified vulnerability in Hot Properties (possibly com_hotproperties) 0.97 and earlier for Joomla! has unspecified impact and attack vectors.
CVE-2006-5043 2 Joomla, Joomlaboard 2 Joomla\!, Joomlaboard 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528.
CVE-2006-5046 1 Joomla 1 Rs Gallery2 2026-04-23 N/A
Unspecified vulnerability in RS Gallery2 (com_rsgallery2) 1.11.3 and earlier for Joomla! has unspecified impact and attack vectors, related to lack of "hardened language files."
CVE-2006-5047 1 Joomla 1 Rs Gallery2 2026-04-23 N/A
Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 component (com_rsgallery2) before 1.11.3 for Joomla! allows attackers to execute arbitrary code.
CVE-2006-5049 1 Joomla 2 Classifieds Component, Com Classifieds 2026-04-23 N/A
Unspecified vulnerability in Classifieds (com_classifieds) component 1.3 and earlier for Joomla! has unspecified impact and attack vectors.
CVE-2006-5052 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-04-23 N/A
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
CVE-2006-5896 1 Remlab 1 Web Mech Designer 2026-04-23 N/A
REMLAB Web Mech Designer 2.0.5 allows remote attackers to obtain the full path of the script via an incorrect Tonnage parameter to calculate.php that triggers a divide-by-zero error, which leaks the path in an error message.
CVE-2006-6126 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Apple Mac OS X allows local users to cause a denial of service (memory corruption) via a crafted Mach-O binary with a malformed load_command data structure.
CVE-2008-2997 1 Gravityboardx 1 Gravity Board X 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit (aka create new thread) action.
CVE-2008-2993 1 Fog 1 Fog Forum 2026-04-23 N/A
Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) fog_lang and (2) fog_skin parameters, probably related to libs/required/share.inc; and possibly the (3) fog_pseudo, (4) fog_posted, (5) fog_password, and (6) fog_cook parameters.