Export limit exceeded: 29943 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29943 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1965 | 1 Exv2 | 1 Content Management System | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the set_lang parameter to (1) archive.php, (2) article.php, (3) index.php, or (4) topics.php. | ||||
| CVE-2006-6560 | 1 Mxbb | 1 Modsdb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/common.php in the mx_modsdb 1.0.0 module for MxBB (aka MX-System) Portal allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-6598 | 1 Torrentflux | 2 Torrentflux, Torrentflux-b4rt | 2026-04-23 | N/A |
| Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328. | ||||
| CVE-2006-6602 | 1 Microsoft | 2 Windows Explorer, Windows Xp | 2026-04-23 | N/A |
| explorer.exe in Windows Explorer 6.00.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a crafted WMV file. | ||||
| CVE-2007-2190 | 1 Eba News | 1 Eba News | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/public/webpages.php in Eba News 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. | ||||
| CVE-2006-6609 | 1 Alientrap | 1 Nexuiz | 2026-04-23 | N/A |
| Nexuiz before 2.2.1 allows remote attackers to cause a denial of service (resource exhaustion or crash) via unspecified vectors related to "fake players." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6613 | 1 Phpalbum.net | 1 Phpalbum | 2026-04-23 | N/A |
| Directory traversal vulnerability in language.php in phpAlbum 0.4.1 Beta 6 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files or obtain sensitive information via a .. (dot dot) in the pa_lang[include_file] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by language.php. | ||||
| CVE-2006-6636 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Utility Classes for IBM WebSphere Application Server (WAS) before 5.1.1.13 and 6.x before 6.0.2.17 has unknown impact and attack vectors. | ||||
| CVE-2007-0128 | 1 Digiappz | 1 Digirez | 2026-04-23 | N/A |
| SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | ||||
| CVE-2006-6667 | 1 Verliadmin | 1 Verliadmin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nick_mod or (2) nick parameter to (a) repass.php or (b) verify.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6698 | 1 Gnome | 1 Gconf | 2026-04-23 | N/A |
| The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files under directories with names based on the username, even when GCONF_GLOBAL_LOCKS is not set, which allows local users to cause a denial of service by creating the directories ahead of time, which prevents other users from using Gnome. | ||||
| CVE-2006-6708 | 1 Mginternet | 1 Property Site Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet Property Site Manager allows remote attackers to inject arbitrary web script or HTML via the s parameter. | ||||
| CVE-2007-2830 | 1 Madwifi | 1 Madwifi | 2026-04-23 | N/A |
| The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service (system crash) via crafted beacon interval information when scanning for access points, which triggers a divide-by-zero error. | ||||
| CVE-2007-0798 | 1 Uapplication | 1 Ublog Reload | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login.asp; and allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to (2) badword.asp, (3) polls.asp, and (4) users.asp. | ||||
| CVE-2007-0814 | 1 Adrenalin Labs | 1 Adrenalins Asp Chat | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Adrenalin's ASP Chat allow remote attackers to inject arbitrary web script or HTML (1) via the psuedo (pseudo) field or (2) during chat. | ||||
| CVE-2006-6843 | 1 Joomla | 1 Be It Easypartner Component | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! allows remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0651 | 1 Mailenable | 1 Mailenable Professional | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow remote attackers to inject arbitrary Javascript script via (1) e-mail messages and (2) the ID parameter to (a) right.asp, (b) Forms/MAI/list.asp, and (c) Forms/VCF/list.asp in mewebmail/base/default/lang/EN/. | ||||
| CVE-2006-6851 | 1 Mobilelib | 1 Mobilelib Gold | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow remote attackers to inject arbitrary web script or HTML via the (1) email or (2) errr parameter. | ||||
| CVE-2006-6864 | 1 Enigma2 | 1 Coppermine Bridge | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. | ||||
| CVE-2006-6865 | 1 Softartisans | 1 Fileup | 2026-04-23 | N/A |
| Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for ".." sequences. | ||||