Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4367 | 1 All Topics | 1 All Topics Hack | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter. | |||||
| CVE-2006-5126 | 1 Powerportal | 1 Powerportal | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in John Himmelman (aka DaRk2k1) PowerPortal 1.3a allows remote attackers to execute arbitrary PHP code via a URL in the file_name[] parameter. | |||||
| CVE-2006-6775 | 1 Acftp | 1 Acftp | 2017-10-18 | 3.5 LOW | N/A |
| acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command. | |||||
| CVE-2006-5125 | 1 Joshua Muheim | 1 Phpmywebmin | 2017-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in window.php, possibly used by home.php, in Joshua Muheim phpMyWebmin 1.0 allows remote attackers to obtain sensitive information via a directory name in the target parameter, which triggers a directory listing through the opendir function. | |||||
| CVE-2006-5124 | 1 Joshua Muheim | 1 Phpmywebmin | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php. | |||||
| CVE-2006-4372 | 1 Constructor Component | 1 Constructor Component | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin.lurm_constructor.php in the Lurm Constructor component (com_lurm_constructor) 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter. | |||||
| CVE-2006-5115 | 1 Kgb | 1 Kgb | 2017-10-18 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in kgcall.php in KGB 1.87 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the engine parameter, as demonstrated by uploading a file containing PHP code with an image/jpeg content type, and then referencing this file through the engine parameter. | |||||
| CVE-2006-6261 | 2 Microsoft, Quinnware | 7 Windows 2000, Windows 95, Windows 98 and 4 more | 2017-10-18 | 9.3 HIGH | N/A |
| Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields. | |||||
| CVE-2006-5112 | 1 Intervations | 1 Navicopa Web Server | 2017-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2006-4124 | 1 Lesstif | 1 Lesstif | 2017-10-18 | 4.6 MEDIUM | N/A |
| The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program. | |||||
| CVE-2006-4123 | 1 Boite De News | 1 Boite De News | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in boitenews4/index.php in Boite de News 4.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the url_index parameter. | |||||
| CVE-2006-6191 | 1 8pixel.net | 1 Simple Blog | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/edit.asp in 8pixel.net simpleblog 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-5383 | 1 Def-blog | 1 Def-blog | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter. | |||||
| CVE-2006-6615 | 1 Mxbb | 1 Activity Games Module | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/act_constants.php in the Activity Games (mx_act) 0.92 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2006-5384 | 1 Cds Software Consortium | 1 Cds Agenda | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter. | |||||
| CVE-2006-6764 | 1 Keep It Simple Guest Book | 1 Keep It Simple Guest Book | 2017-10-18 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in authenticate.php in Keep It Simple Guest Book (KISGB), when executing PHP through CGI, allows remote attackers to execute arbitrary PHP code via a URL in the default_path_to_themes parameter. | |||||
| CVE-2006-5386 | 1 Nuralstorm | 1 Nuralstorm Webmail | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in process.php in NuralStorm Webmail 0.98b and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DEFAULT_SKIN parameter. | |||||
| CVE-2006-4121 | 1 See-commerce | 1 See-commerce | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce 1.0.625 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||
| CVE-2006-5388 | 1 Webspell | 1 Webspell | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in WebSPELL 4.01.01 and earlier allows remote attackers to execute arbitrary SQL commands via the getsquad parameter, a different vector than CVE-2006-4783. | |||||
| CVE-2006-6765 | 1 Pagetool | 1 Pagetool | 2017-10-18 | 6.8 MEDIUM | N/A |
| Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php in Pagetool 1.07 allow remote attackers to execute arbitrary PHP code via (1) a local filename or FTP/share URI in the config_file parameter or (2) a URL in the ptconf[src] parameter. | |||||