Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3986 | 1 Knusperleicht | 1 Newsletter | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter. | |||||
| CVE-2006-3984 | 2 Gianluca Baldo, Phpadsnew | 2 Phpauction, Phpadsnew | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter. | |||||
| CVE-2006-3983 | 1 Ekilat Llc | 1 Php\(reactor\) | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter. | |||||
| CVE-2006-3982 | 1 Knusperleicht | 1 Quickie | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter. | |||||
| CVE-2006-3981 | 1 Mambo | 1 Mambo Gallery Manager | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-3979 | 1 Macromedia | 1 Coldfusion | 2026-06-16 | 7.2 HIGH | N/A |
| The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. | |||||
| CVE-2006-3978 | 1 Adobe | 1 Coldfusion | 2026-06-16 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2006-3977 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components." | |||||
| CVE-2006-3976 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files. | |||||
| CVE-2006-3974 | 1 3com | 1 3cr860-95 | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. | |||||
| CVE-2006-3973 | 1 My Firewall Plus | 1 My Firewall Plus | 2026-06-16 | 7.2 HIGH | N/A |
| My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the "Test Your Firewall" feature, which allows local users to gain SYSTEM privileges. | |||||
| CVE-2006-3972 | 1 Scott Weedon | 1 Ajax Chat | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. (dot dot) in the chatid parameter. | |||||
| CVE-2006-3971 | 1 Scott Weedon | 1 Ajax Chat | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to inject arbitrary web script or HTML via the userid parameter. | |||||
| CVE-2006-3970 | 1 Joomla | 1 Lmo | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2006-3969 | 1 Joomla | 1 Colophon | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in administrator/components/com_colophon/admin.colophon.php in Colophon 1.2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2006-3968 | 1 Sun | 1 Solaris | 2026-06-16 | 5.0 MEDIUM | N/A |
| The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified. | |||||
| CVE-2006-3967 | 1 Moskool | 1 Moskool | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in component/option,com_moskool/Itemid,34/admin.moskool.php in MamboXChange Moskool 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2006-3965 | 1 Banex | 1 Banex | 2026-06-16 | 5.0 MEDIUM | N/A |
| Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords. | |||||
| CVE-2006-3964 | 1 Banex | 1 Banex | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter. | |||||
| CVE-2006-3963 | 1 Banex | 1 Banex | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php. | |||||
