Export limit exceeded: 363668 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363668 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3575 1 Mcafee 1 Virusscan 2026-04-16 N/A
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields.
CVE-2006-3574 1 Hitachi 3 Cosminexus Collaboration Portal, Groupmax Collaboration Portal, Groupmax Collaboration Web Client 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Groupmax Collaboration Portal and Web Client before 07-20-/D, and uCosminexus Collaboration Portal and Forum/File Sharing before 06-20-/C, allow remote attackers to "execute malicious scripts" via unknown vectors (aka HS06-014-01).
CVE-2006-3573 1 Milan Mimica 1 Sparklet 2026-04-16 N/A
Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname.
CVE-2006-2963 1 It-direkt 1 Cabacos Web Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlier allows remote attackers to inject arbitrary web script or HTML via the suchtext parameter.
CVE-2006-2948 1 Alan Ward 1 A-cart 2026-04-16 N/A
A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information.
CVE-2006-2964 1 Xtreme Scripts 1 Download Manager 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php.
CVE-2006-2965 1 Particle Soft 1 Particle Whois 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the target parameter in index.php and (2) the "input box."
CVE-2006-2992 1 My Photo Scrapbook 1 My Photo Scrapbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in display.asp in My Photo Scrapbook 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the key_m parameter.
CVE-2006-3033 1 Myscrapbook 1 Myscrapbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input box in singlepage.php when submitting scrapbook pages.
CVE-2006-2995 1 Webprojectdb 1 Webprojectdb 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php.
CVE-2006-2996 1 Lovecompass 1 Aepartner 2026-04-16 N/A
PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dir[data] parameter.
CVE-2006-3035 1 Myscrapbook 1 Myscrapbook 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in MyScrapbook 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) comment parameters. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-3000 1 Okscripts 1 Okarticles 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2006-3037 1 Site Trade 1 St Admanager Lite 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, (3) article, (4) bio, and (5) name parameters.
CVE-2006-3001 1 Okscripts 1 Okmall 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkMall 1.0 allow remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: this might be resultant from another vulnerability, since the XSS is reflected in an error message.
CVE-2006-3002 1 Easy Ad-manager 1 Easy Ad-manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in details.php in Easy Ad-Manager allows remote attackers to inject arbitrary web script or HTML via the mbid parameter, which is reflected in an error message. NOTE: on 20060829, the vendor notified CVE that this issue has been fixed.
CVE-2006-3007 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ.
CVE-2006-3038 1 Cescripts 1 Realty Room Rent 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Room Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter. NOTE: the vendor notified CVE on 20060823 that "All issues concerning this script and others at cescripts.com have been addressed and fixed."
CVE-2006-3011 1 Php 1 Php 2026-04-16 N/A
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
CVE-2006-3012 1 Eschew.net 1 Phpbannerexchange 2026-04-16 N/A
SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 allows remote attackers to execute arbitrary SQL commands via the (1) login parameter in (a) client/stats.php and (b) admin/stats.php, or the (2) pass parameter in client/stats.php.