Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5614 1 Microsoft 2 Windows Nt Helper Components, Windows Xp 2026-04-23 N/A
Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference.
CVE-2006-5615 1 Textpattern 1 Textpattern 2026-04-23 N/A
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
CVE-2006-5618 1 Netref 1 Netref 2026-04-23 N/A
Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter.
CVE-2006-5620 1 Minibill 1 Minibill 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/menu_builder.php in MiniBILL 2006-10-10 (1.2.3) and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[page_dir] parameter, a different vector than CVE-2006-4489.
CVE-2006-5709 1 Alt-n 1 Mdaemon 2026-04-23 N/A
Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."
CVE-2006-5625 1 Nx 1 N X Wcms 2026-04-23 N/A
PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter.
CVE-2006-5627 1 Qnecms 1 Qnecms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the adminfolderpath parameter to (1) headerscripts.php, (2) footerhome.php, and (3) footermain.php in admin/include/; (4) photogallery/headerscripts.php; and (5) footerhome.php, (6) footermain.php, (7) headermain.php, (8) sitemapfooter.php, and (9) sitemapheader.php in templates/.
CVE-2006-5628 1 Unisor Cms 1 Unisor Cms 2026-04-23 N/A
SQL injection vulnerability in login.asp in UNISOR Content Management System (CMS) allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass fields.
CVE-2006-5640 1 Techno Dreams 1 Techno Dreams Guest Book 2026-04-23 N/A
SQL injection vulnerability in guestbookview.asp in Techno Dreams Guest Book 1.0 earlier allows remote attackers to execute arbitrary SQL commands via the key parameter.
CVE-2006-5632 1 Ig Shop 1 Ig Shop 2026-04-23 6.1 Medium
Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2006-5631. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5635 1 Web Wiz Forums 1 Web Wiz Forums 2026-04-23 N/A
SQL injection vulnerability in forum/search.asp in Web Wiz Forums allows remote attackers to execute arbitrary SQL commands via the KW parameter.
CVE-2006-5636 1 Sws 1 Simple Website Software 2026-04-23 N/A
PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR parameter.
CVE-2006-5643 1 Foresite Cms 1 Foresite Cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search_de.html in foresite CMS allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2006-5648 1 Ubuntu 1 Ubuntu Linux 2026-04-23 5.5 Medium
Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.
CVE-2006-5650 1 Aol 1 Icq 2026-04-23 N/A
The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar.
CVE-2006-5651 1 Digioz 1 Digioz Guestbook 2026-04-23 N/A
list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to obtain sensitive information via a non-numeric page parameter, which displays the installation path in the resulting error message.
CVE-2006-5655 1 Opendocman 1 Opendocman 2026-04-23 N/A
SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2006-5657 1 Vilistextum 1 Vilistextum 2026-04-23 N/A
Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors.
CVE-2006-5659 1 Pam Extern 1 Pam Extern 2026-04-23 N/A
PAM_extern before 0.2 sends a password as a command line argument, which allows local users to obtain the password by listing the command line arguments, such as ps. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5660 1 Cisco 1 Security Agent Management Center 2026-04-23 N/A
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.