Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4720 1 Mcgallery 1 Mcgallery Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO 2006 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter.
CVE-2006-4726 1 Adobe 1 Coldfusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page.
CVE-2006-4732 1 Microsoft 1 Visual Basic 2026-04-16 N/A
Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object.
CVE-2006-4740 1 Jetbox 1 Jetbox Cms 2026-04-16 N/A
Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message.
CVE-2006-4741 1 Idevspot 1 Phplinkexchange 2026-04-16 N/A
PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter.
CVE-2006-4758 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.
CVE-2006-4765 1 Netgear 1 Dg834gt 2026-04-16 N/A
NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window.
CVE-2006-4766 1 Stefan Ernst 1 Newsscript 2026-04-16 N/A
Directory traversal vulnerability in print.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allows remote attackers to read arbitrary files via a .. (dot dot) in the ide parameter.
CVE-2006-4769 1 Gtasoft 1 P4cms 2026-04-16 N/A
PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 allows remote attackers to execute arbitrary PHP code via a URL in the abs_pfad parameter.
CVE-2006-4778 1 Cchost 1 Cchost 2026-04-16 N/A
SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to execute arbitrary SQL commands via a crafted URL, which is used to populate the file ID. NOTE: Some details are obtained from third party information.
CVE-2006-4779 1 Phpbb Group 1 Vitrax Premodded Phpbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/functions_portal.php in Vitrax Premodded phpBB 1.0.6-R3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-4786 1 Moodle 1 Moodle 2026-04-16 N/A
Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups.
CVE-2006-4787 1 Alphamail 1 Alphamail 2026-04-16 N/A
AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information.
CVE-2002-0378 2 Astart Technologies, Redhat 3 Lprng, Enterprise Linux, Linux 2026-04-16 N/A
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
CVE-2006-2370 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."
CVE-1999-0793 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
CVE-2003-1192 1 Truenorth Software 1 Ia Webmail Server 2026-04-16 N/A
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-1999-0132 2 Hp, Sun 3 Hp-ux, Solaris, Sunos 2026-04-16 N/A
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
CVE-1999-0138 7 Apple, Digital, Freebsd and 4 more 9 A Ux, Osf 1, Freebsd and 6 more 2026-04-16 N/A
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
CVE-1999-0141 1 Netscape 1 Navigator 2026-04-16 N/A
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.