Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29922 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2425 1 Phpremoteview 1 Phpremoteview 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, and (3) ref parameters, and the (4) "MAKE DIR" and (5) "Full file name" fields.
CVE-2006-2424 1 Ezusermanager 1 Ezusermanager 2026-06-16 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManager_Path parameter to ezusermanager_pwd_forgott.php, possibly due to an issue in ezusermanager_core.inc.php.
CVE-2006-2423 1 Swsoft 1 Confixx 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.
CVE-2006-2422 1 Coinsoft Technologies 1 Phpcoin 2026-06-16 5.0 MEDIUM N/A
phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact".
CVE-2006-2421 1 Pragma Systems 1 Fortressssh 2026-06-16 7.5 HIGH N/A
Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitrary code via long SSH_MSG_KEXINIT messages, which may cause an overflow when being logged. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-2419 1 Php 1 Directory Listing Script 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
CVE-2006-2418 1 Phpmyadmin 1 Phpmyadmin 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.
CVE-2006-2415 1 Flexchat 1 Flexchat 2026-06-16 5.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) CFTOKEN parameter in (a) index.cfm and (3) CFTOKEN and (4) CFID parameter in (b) chat.cfm.
CVE-2006-2414 1 Timo Sirainen 1 Dovecot 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
CVE-2006-2413 1 Gnunet 1 Gnunet 2026-06-16 5.0 MEDIUM N/A
GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors.
CVE-2006-2412 1 Raydium 1 Raydium 2026-06-16 5.0 MEDIUM N/A
The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read).
CVE-2006-2411 1 Raydium 1 Raydium 2026-06-16 7.5 HIGH N/A
Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables to the client.
CVE-2006-2410 1 Raydium 1 Raydium 2026-06-16 5.0 MEDIUM N/A
raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference.
CVE-2006-2406 1 Unclassified Newsboard 1 Unclassified Newsboard 2026-06-16 2.6 LOW N/A
Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the design_path parameter. NOTE: this is closely related, but a different vulnerability than the ABBC[Config][smileset] parameter.
CVE-2006-2405 1 Unclassified Newsboard 1 Unclassified Newsboard 2026-06-16 6.8 MEDIUM N/A
Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the ABBC[Config][smileset] parameter to unb_lib/abbc.css.php.
CVE-2006-2404 1 Radscripts 1 Radlance 2026-06-16 6.4 MEDIUM N/A
Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.
CVE-2006-2403 1 Filezilla 1 Filezilla 2026-06-16 7.5 HIGH N/A
Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via unknown attack vectors.
CVE-2006-2402 1 Outgun 1 Outgun 2026-06-16 5.0 MEDIUM N/A
Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string.
CVE-2006-2401 1 Outgun 1 Outgun 2026-06-16 7.8 HIGH N/A
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read.
CVE-2006-2400 1 Outgun 1 Outgun 2026-06-16 7.8 HIGH N/A
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown.