Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3190 | 1 Hotplug Cms | 1 Hotplug Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters. | ||||
| CVE-1999-0012 | 2 Microsoft, Netscape | 5 Frontpage, Internet Information Server, Personal Web Server and 2 more | 2026-04-16 | 7 High |
| Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | ||||
| CVE-2006-3391 | 1 Imbc | 1 Imbccontents Activex Control | 2026-04-16 | N/A |
| The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler. | ||||
| CVE-2001-0097 | 1 Infinite | 1 Infinite Interchange | 2026-04-16 | N/A |
| The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request. | ||||
| CVE-2006-3476 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | ||||
| CVE-2006-3620 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter. | ||||
| CVE-2006-3731 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension. | ||||
| CVE-2006-3856 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-16 | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors. | ||||
| CVE-2006-4114 | 1 Phpmyring | 1 Phpmyring | 2026-04-16 | N/A |
| SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMyRing 4.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idsite parameter. | ||||
| CVE-2006-3969 | 1 Joomla | 1 Colophon | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in administrator/components/com_colophon/admin.colophon.php in Colophon 1.2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3970 | 1 Joomla | 1 Lmo | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4029 | 1 Ageet | 1 Agephone | 2026-04-16 | N/A |
| Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 allows remote attackers to execute arbitrary code via a crafted UDP SIP packet. | ||||
| CVE-2006-4036 | 1 Zonemetrics | 1 Zonex Publishers Gold Edition | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/usercp_register.php in ZoneMetrics ZoneX Publishers Gold Edition 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-4035 | 1 Counterchaos | 1 Counterchaos | 2026-04-16 | N/A |
| SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | ||||
| CVE-2006-4037 | 1 Fenestrae | 1 Faxination Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Fenestrae Faxination Server allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2006-4070 | 1 Imendio Planner | 1 Imendio Planner | 2026-04-16 | N/A |
| Format string vulnerability in Imendio Planner 0.13 allows user-assisted attackers to execute arbitrary code via format string specifiers in a filename. | ||||
| CVE-2006-4196 | 1 Webinsta | 1 Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in WEBInsta CMS 0.3.1 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the templates_dir parameter. | ||||
| CVE-2006-4230 | 1 Lizge | 1 Lizge Web Portal | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in index.php in Lizge V.20 Web Portal allow remote attackers to execute arbitrary PHP code via a URL in the (1) lizge or (2) bade parameters. | ||||
| CVE-2006-4231 | 1 Irfanview | 1 Irfanview | 2026-04-16 | N/A |
| IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file. | ||||
| CVE-2006-4234 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter. | ||||