Export limit exceeded: 47163 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5050 | 1 Rob Landley | 1 Busybox | 2026-04-23 | N/A |
| Directory traversal vulnerability in httpd in Rob Landley BusyBox allows remote attackers to read arbitrary files via URL-encoded "%2e%2e/" sequences in the URI. | ||||
| CVE-2006-5052 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-23 | N/A |
| Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." | ||||
| CVE-2006-5053 | 1 Web-news | 1 Web-news | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in webnews/template.php in Web-News 1.6.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content_page parameter. | ||||
| CVE-2006-5054 | 1 Iyzi Forum | 1 Iyzi Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the uye_nu parameter. | ||||
| CVE-2006-5056 | 1 Opial | 1 Opial Audio Video Download Management | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Opial Audio/Video Download Management 1.0 allows remote attackers to inject arbitrary web script or HTML via the destination parameter in the Login view. | ||||
| CVE-2006-5057 | 1 Ktools.net | 1 Photostore | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ktools.net PhotoStore allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter in details.php, or the (2) photogid parameter in view_photog.php. | ||||
| CVE-2006-5058 | 1 Activision | 3 Call Of Duty, Call Of Duty 2, Call Of Duty United Offensive | 2026-04-23 | N/A |
| Buffer overflow in (1) Call of Duty 1.5b and earlier, (2) Call of Duty United Offensive 1.51b and earlier, and (3) Call of Duty 2 1.3 and earlier allows remote attackers to execute arbitrary code via a long map argument to the "callvote map" command. | ||||
| CVE-2006-5059 | 1 Wired Community Software | 1 Wwwthreads | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WWWthreads 5.4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the Cat parameter to (1) dosearch.php, (2) postlist.php, (3) showmembers.php, (4) faq_english.php, (5) online.php, (6) login.php, (7) newuser.php, (8) wwwthreads.php, (9) search.php, or (10) postlist.php. | ||||
| CVE-2006-5060 | 1 Jamroom | 1 Jamroom | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Jamroom 3.0.16 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the forgot parameter in the forgot mode. | ||||
| CVE-2006-5061 | 1 Advanced-clan-script | 1 Advanced-clan-script | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in mcf.php in Advanced-Clan-Script (AVCX) 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | ||||
| CVE-2006-5062 | 1 Pblang | 1 Pblang | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and earlier allows remote attackers to execute arbitrary PHP code via a URL in the temppath parameter. | ||||
| CVE-2006-5063 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote attackers to inject arbitrary web script or HTML by editing log entries in HTML mode. | ||||
| CVE-2006-5064 | 1 Birdblog | 1 Birdblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entryid parameter in comment.php, (2) page parameter in index.php, or the (3) uid parameter in user.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5065 | 1 Zoomstats | 1 Zoomstats | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter. | ||||
| CVE-2006-5066 | 1 Danphpsupport | 1 Danphpsupport | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0.5, and other versions before 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in index.php or the (2) do parameter in admin.php. | ||||
| CVE-2006-5067 | 1 Php System Administration Toolkit | 1 Php System Administration Toolkit | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in loader.php in PHP System Administration Toolkit (PHPSaTK) allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config] parameter. NOTE: this issue is disputed by CVE; analysis shows that the GLOBALS[config] variable is initialized before being used | ||||
| CVE-2006-5068 | 1 Brudaswen | 1 Brudanews | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/index.php in Brudaswen (1) BrudaNews 1.1 and earlier and (2) BrudaGB 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the o parameter. | ||||
| CVE-2006-5069 | 1 Typo3 | 1 Typo3 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 before 4.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2006-5070 | 1 Facestones | 1 Facestones | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in fsl2/objects/fs_form_links.php in faceStones Personal 2.0.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fsinit][objpath] parameter. | ||||
| CVE-2006-5071 | 1 Eyeos Project | 1 Eyeos | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/baixar.php. | ||||