Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1570 | 1 Esqlanelapse | 1 Esqlanelapse | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2006-1569 | 1 Redcms | 1 Redcms | 2026-06-16 | 5.1 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php. | |||||
| CVE-2006-1568 | 1 Redcms | 1 Redcms | 2026-06-16 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in register.php in RedCMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) email, (2) location, or (3) website parameters. | |||||
| CVE-2006-1567 | 1 Sitesearch | 1 Indexer | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in searchresults.asp in SiteSearch Indexer 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. | |||||
| CVE-2006-1566 | 1 Debian | 1 Debian Linux | 2026-06-16 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
| CVE-2006-1565 | 1 Debian | 1 Debian Linux | 2026-06-16 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
| CVE-2006-1564 | 1 Debian | 1 Debian Linux | 2026-06-16 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
| CVE-2006-1563 | 1 Vscripts | 1 Vbook | 2026-06-16 | 7.6 HIGH | N/A |
| Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts. | |||||
| CVE-2006-1562 | 1 Vscripts | 1 Vbook | 2026-06-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters. | |||||
| CVE-2006-1561 | 1 Vscripts | 1 Vbook | 2026-06-16 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter. | |||||
| CVE-2006-1560 | 1 Skintech | 1 Phpnewsmanager | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php, and (e) possibly other unspecified scripts. NOTE: portions of the description details are obtained from third party information. | |||||
| CVE-2006-1559 | 1 Php | 1 Php Script Index | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1558 | 1 Php | 1 Php Script Index | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2006-1557 | 1 Skintech | 1 X-changer | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary SQL commands via the (1) from and (2) into parameters in a calculate action, and the (3) id parameter in an edit action to index.php. | |||||
| CVE-2006-1556 | 1 Al-caricatier | 1 Al-caricatier | 2026-06-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) CatName, (2) CaricatierID, or (3) CatID parameter. | |||||
| CVE-2006-1555 | 1 Tachyon | 1 Vsns Lemon | 2026-06-16 | 7.5 HIGH | N/A |
| VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic. | |||||
| CVE-2006-1554 | 1 Tachyon | 1 Vsns Lemon | 2026-06-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment. | |||||
| CVE-2006-1553 | 1 Tachyon | 1 Vsns Lemon | 2026-06-16 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in functions/final_functions.php in VSNS Lemon 3.2.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-1551 | 1 Georges Auberger | 1 Pajax | 2026-06-16 | 7.5 HIGH | N/A |
| Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | |||||
| CVE-2006-1548 | 1 Apache | 1 Struts | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message. | |||||
