Export limit exceeded: 363426 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363426 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6244 1 Coalescent Systems 1 Freepbx 2026-04-23 N/A
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).
CVE-2006-6262 1 Phpjunkyard 1 Phpjunkyard Mboard 2026-04-23 N/A
Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Klemen Stirn) MBoard 1.22 and earlier allows remote attackers to create arbitrary empty files via a .. (dot dot) in the orig_id parameter.
CVE-2006-6296 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-23 N/A
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.
CVE-2006-6255 1 Nukeai 1 Nukeai 2026-04-23 N/A
Direct static code injection vulnerability in util.php in the NukeAI 0.0.3 Beta module for PHP-Nuke, aka Program E is an AIML chatterbot, allows remote attackers to upload and execute arbitrary PHP code via a filename with a .php extension in the filename parameter and code in the moreinfo parameter, which is saved to a filename under descriptions/, which is accessible via a direct request.
CVE-2006-5885 1 Dynamic Dataworx 1 Nustore 2026-04-23 N/A
SQL injection vulnerability in Products.asp in NuStore 1.0 allows remote attackers to execute arbitrary SQL commands via the SubCatagoryID parameter.
CVE-2006-5886 1 Dynamic Dataworx 1 Nurealestate 2026-04-23 N/A
SQL injection vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the PropID parameter.
CVE-2006-5889 1 Brewblogger 1 Brewblogger 2026-04-23 N/A
SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5890 1 Superfreaker Studios 1 Usupport 2026-04-23 N/A
SQL injection vulnerability in detail.asp in Superfreaker Studios USupport 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5891 1 Superfreaker Studios 1 Ustore 2026-04-23 N/A
SQL injection vulnerability in detail.asp in Superfreaker Studios UStore 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2006-5895 1 Encapscms 1 Encapscms 2026-04-23 N/A
PHP remote file inclusion vulnerability in core/core.php in EncapsCMS 0.3.6 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2007-3166 1 Qualcomm 1 Eudora 2026-04-23 N/A
Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command.
CVE-2006-5909 1 Paul Tarjan 1 Stanford Conference And Research Forum 2026-04-23 N/A
generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.
CVE-2007-3160 1 Php Real Estate Classifieds 1 Php Real Estate Classifieds 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/header.php in PHP Real Estate Classifieds Premium Plus allows remote attackers to execute arbitrary PHP code via a URL in the loc parameter.
CVE-2006-5867 2 Fetchmail, Redhat 2 Fetchmail, Enterprise Linux 2026-04-23 N/A
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
CVE-2006-5868 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2026-04-23 N/A
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
CVE-2006-6253 1 Cahier De Textes 1 Cahier De Textes 2026-04-23 N/A
Cahier de texte 2.0 stores sensitive information under the web root, possibly with insufficient access control, which might allow remote attackers to obtain all users' passwords via a direct request for administration/dump.sql.
CVE-2007-3155 1 Egroupware 1 Egroupware 2026-04-23 N/A
Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier.
CVE-2007-3153 1 Daniel Stenberg 1 C-ares 2026-04-23 N/A
The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote attackers to spoof DNS responses by guessing certain values.
CVE-2008-1820 1 Oracle 3 Database 10g, Database 11g, Database 9i 2026-04-23 N/A
Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB11 is for a buffer overflow in the SYS.KUPF$FILE_INT.GET_FULL_FILENAME procedure.
CVE-2007-3150 1 Google 1 Desktop 2026-04-23 N/A
Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results stored on your computer" portion of the search results, and when clicked invokes Google Desktop to execute this file.