Total
29894 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5951 | 1 Exophpdesk | 1 Exophpdesk | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in pipe.php in Exophpdesk 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter. | ||||
| CVE-2006-5930 | 1 Aigaion | 1 Aigaion | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Aigaion Web based bibliography management system 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to (1) _basicfunctions.php, or (2) pageactionauthor.php. | ||||
| CVE-2006-5924 | 1 Efficientip | 1 Ipmanager | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Efficient IP iPmanager (IPm) 2.3 allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | ||||
| CVE-2006-5916 | 1 Intego | 1 Virusbarrier | 2025-04-09 | N/A |
| Intego VirusBarrier X4 allows context-dependent attackers to bypass virus protection by quickly injecting many infected files into the filesystem, which prevents VirusBarrier from processing all the files. | ||||
| CVE-2006-5912 | 1 Campware.org | 1 Campsite | 2025-04-09 | N/A |
| Unspecified vulnerability in Campware Campsite before 2.6.2 has unknown impact and attack vectors, related to a "Security fix for you-know-what," possibly related to encrypted passwords. | ||||
| CVE-2006-5895 | 1 Encapscms | 1 Encapscms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in core/core.php in EncapsCMS 0.3.6 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2007-3496 | 1 Sap | 4 Netweaver Nw04, Netweaver Nw04s, Sap Basis Component 640 and 1 more | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in SAP Web Dynpro Java (BC-WD-JAV) in SAP NetWeaver Nw04 SP15 through SP19 and Nw04s SP7 through SP11, aka SAP Java Technology Services 640 before SP20 and SAP Web Dynpro Runtime Core Components 700 before SP12, allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | ||||
| CVE-2006-5887 | 1 Dynamic Dataworx | 1 Nuschool | 2025-04-09 | N/A |
| SQL injection vulnerability in CampusNewsDetails.asp in Dynamic Dataworx NuSchool 1.0 allows remote attackers to execute arbitrary SQL commands via the NewsID parameter. | ||||
| CVE-2006-5862 | 1 Network Administration Visualized | 1 Network Administration Visualized | 2025-04-09 | N/A |
| Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors. | ||||
| CVE-2007-3161 | 1 Visicom Media | 1 Ace-ftp | 2025-04-09 | N/A |
| Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response. | ||||
| CVE-2006-5863 | 1 Otterware | 1 Letterit2 | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in inc/session.php for LetterIt 2 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter. | ||||
| CVE-2006-5842 | 1 Unicore | 1 Unicore Client | 2025-04-09 | N/A |
| The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information. | ||||
| CVE-2006-5838 | 1 Newp | 1 News Publication System | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in lib/class.Database.php in NewP News Publication System 1.0.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2006-5837 | 1 Simplechat | 1 Simplechat | 2025-04-09 | N/A |
| Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter. | ||||
| CVE-2008-0303 | 1 Canon | 12 I-sensys, Imagepress, Imagerunner and 9 more | 2025-04-09 | N/A |
| The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce. | ||||
| CVE-2006-5835 | 1 Ibm | 1 Lotus Notes | 2025-04-09 | N/A |
| The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file. | ||||
| CVE-2006-5826 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-09 | N/A |
| Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain "/" (slash) or "\" (backslash) characters. | ||||
| CVE-2006-5778 | 1 Linux-ftpd-ssl | 1 Linux-ftpd-ssl | 2025-04-09 | N/A |
| ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory. | ||||
| CVE-2006-5773 | 1 Freewebshop | 1 Freewebshop | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter. | ||||
| CVE-2007-3515 | 1 Sweetphp | 1 Totalcalendar | 2025-04-09 | N/A |
| SQL injection vulnerability in view_event.php in TotalCalendar 2.402 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||