Export limit exceeded: 29913 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29913 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1625 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode email tag, as demonstrated using the onmousemove event. | ||||
| CVE-2006-1634 | 1 Lucidcms | 1 Lucidcms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the command parameter. | ||||
| CVE-2006-1635 | 1 Lucidcms | 1 Lucidcms | 2026-04-16 | N/A |
| LucidCMS 2.0.0 RC4 allows remote attackers to obtain sensitive information via a direct request to /lucid_phplib/translator.php, which reveals the path in an error message. | ||||
| CVE-2006-1680 | 1 Jupiter Cms | 1 Jupiter Cms | 2026-04-16 | N/A |
| Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php. | ||||
| CVE-2006-1690 | 1 Manic Web | 1 Mwnewsletter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbitrary web script or HTML via the user_name parameter. | ||||
| CVE-2006-1686 | 1 Apt | 1 Apt-webshop-system | 2026-04-16 | N/A |
| Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to access unspecified files via a modified warp parameter. | ||||
| CVE-2006-1689 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access. | ||||
| CVE-2006-1699 | 1 Aweb | 1 Banner Generator | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the banner parameter in view mode. | ||||
| CVE-2006-1704 | 1 Hubert Plisson | 1 Sire | 2026-04-16 | N/A |
| Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php. | ||||
| CVE-2006-1705 | 1 Oracle | 2 Oracle10g, Oracle9i | 2026-04-16 | N/A |
| Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view. | ||||
| CVE-2006-1702 | 1 Spip | 1 Spip | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. | ||||
| CVE-2003-0030 | 1 Protegrity | 1 Secure.data | 2026-04-16 | N/A |
| Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select. | ||||
| CVE-2006-1717 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username. | ||||
| CVE-2006-1719 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property. | ||||
| CVE-2006-1722 | 1 Suche | 1 Shopxs | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 allows remote attackers to inject arbitrary web script or HTML via the Suchstring1 (aka search) parameter. | ||||
| CVE-2006-1738 | 2 Mozilla, Redhat | 5 Firefox, Mozilla Suite, Seamonkey and 2 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (2) -moz-grid-group display styles. | ||||
| CVE-2006-1744 | 1 Joey Hess | 1 Bsdgames | 2026-04-16 | N/A |
| Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call. | ||||
| CVE-2006-1758 | 1 Bill Shupp | 1 Vegadns | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Vegadns 0.99 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2006-1761 | 1 Blursoft | 1 Blur6ex | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter, which is not sanitized in the error message. NOTE: the vector in the shard parameter is not XSS and has been assigned a separate name. | ||||
| CVE-2006-1755 | 1 Matthew Dingley | 1 Md News | 2026-04-16 | N/A |
| SQL injection vulnerability in admin.php in MD News 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||